Security News

Wireless carrier T-Mobile is sending notifications to its customers to inform them of a data breach that resulted in some of their personal information being compromised. Because some of these accounts contained account information for T-Mobile customers and employees, the attack essentially resulted in that data being accessed by a third-party.

US-based telecom giant T-Mobile has suffered yet another data breach incident that recently exposed personal and accounts information of both its employees and customers to unknown hackers. What happened? In a breach notification posted on its website, T-Mobile today said its cybersecurity team recently discovered a sophisticated cyberattack against the email accounts of some of its employees that resulted in unauthorized access to the sensitive information contained in it, including details for its customers and other employees.

Cybercriminals are finding new ways to get malware on mobile devices, including abusing Android's accessibility features, according to a McAfee report. "Certain apps are hiding themselves and stealing resources and data from mobile devices, according to a new report by security firm McAfee. This is a growing threat comprising almost half of all malicious mobile malware, and a 30% increase from 2018, said Raj Samani, chief scientist and McAfee fellow, who authored the Q1 2020 McAfee Mobile Threat Report. SEE: Top Android security tips"This shows where the focus from criminals [is] on the mobile platform, which is in stark contrast to non-mobile malware,'' Samani said.

Mobile payment fraud is growing, and is growing faster in the mobile ecosystem than anywhere else. Just as the targets have evolved with the emergence of mobile as the fraud platform of choice, so too have the payment types evolved.

Popular pharmacy chain Walgreens is warning that a bug in its official mobile app may have exposed sensitive data, including customers' full names and information on prescriptions for medications they are taking. While Walgreens did not detail the technical glitch, it said that the internal application error enabled certain personal messages, stored in a database, to be viewed by other customers who were using the mobile app.

The mobile app of U.S. pharmaceutical retailer Walgreens inadvertently disclosed personal messages to other customers due to an internal application error, revealing some health-related information. Walgreens filed a copy of the data breach notification it has sent to affected customers with California's Office of the Attorney General, which makes those notifications public.

Pharmacy store chain Walgreens has started informing some users of its mobile application that their personal and health-related information may have been seen by other customers. The Walgreens mobile application allows users to shop, refill their prescriptions, get pill reminders, consult a doctor or pharmacist via a live chat feature, print photos in stores, obtain rewards, and store coupons.

The percentage of companies admitting to suffering a mobile-related compromise has grown despite a higher percentage of organizations deciding not to sacrifice the security of mobile and IoT devices to meet business targets, Verizon has revealed in its third annual Mobile Security Index report, which is based on a survey of 876 professionals responsible for the buying, managing and security of mobile and IoT devices, as well as input from security and management companies such as Lookout, VMWare and Wandera. The report also shows that attackers hit businesses big and small, and operating in diverse industries, and that those that had sacrificed mobile security in the past year were 2x as likely to suffer a compromise.

It enables Intune users to connect from managed mobile apps to data sources of their choice via a micro VPN. The growth in demand for, and usage of enterprise mobile applications is undeniable, with the enterprise mobile application development market expected to grow at a CAGR of 15.65% by 2025. Enterprises continue to struggle with secure access from the managed mobile apps to their sensitive data, stored on premises or in their private clouds, that increasingly power critical business outcomes and cost-effectively driving end-user adoption of mobile apps.

The impersonation attack - named "IMPersonation Attacks in 4G NeTworks" - exploits the mutual authentication method used by the mobile phone and the network's base station to verify their respective identities to manipulate data packets in transit. The man-in-the-middle attack allows a hacker to impersonate a user towards the network and vice versa.