Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Data breaches 302

Data breaches Cybersecurity Passwords Phishing 302

The Last Watchdog

MAY 16, 2023

Related: The role of legacy security tools Yet the heaviest volume of routine, daily cyber attacks continue to target a very familiar vector: web and mobile apps. A10 has a birds eye view of the flow of maliciousness directed at web and mobile apps — via deployments of its Thunder Application Delivery Controller (ADC.)

Cloud 214

Cloud Marketing Access Security 214

PerezBox

NOVEMBER 29, 2018

The post How to enable 2FA on Twitter with Authy, Google Authenticator or another Mobile Application appeared first on PerezBox. It’s been a long time since I have had to enable 2FA on Twitter and found the process completely infuriating. Twitter’s 2FA configuration uses SMS as the default option, this.

Authentication 73

Authentication IT Security 73

Data Breach Today

JANUARY 19, 2023

Unauthorized Party Obtained Access to Company API for Approximately 6 Weeks T-Mobile disclosed Thursday that hackers had access for approximately 6 weeks to an application programming interface that exposed customer data including names, dates of birth and email addresses.

Passwords 246

Passwords Access 246

Krebs on Security

AUGUST 3, 2023

Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. At issue is a mobile malware obfuscation method identified by researchers at ThreatFabric , a security firm based in Amsterdam.

IT 199

IT Security 199

Data Breach Today

DECEMBER 3, 2020

Application Tracks Individuals via Mobile Phones Twenty-five countries are likely using spyware sold by a company called Circles that can snoop on mobile phone calls and text messages, according to Citizen Lab, a research organization based at the University of Toronto.

289

289

Data Breach Today

SEPTEMBER 5, 2022

Now-Removed Apps Have 60K Downloads; Target Victims in Australia, US The operators behind banking Trojan SharkBot are distributing an updated version of the malware on now-deactivated malicious applications on Google Play.

Security 246

Security IT 246

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Government 118

Government Privacy Risk Data collection 118

DLA Piper Privacy Matters

MARCH 22, 2021

The Electronic Communications Privacy Act (ECPA) is a law noted for its complexity, and the second portion of it, the Stored Communications Act (SCA) is no exception. In a recent case in the Seventh Circuit, the District Court for the Northern District of Illinois examined the scope of the SCA and what it was, and was not, intended to cover.

Communications 95

Communications Computer and Electronics Access Privacy 95

Data Breach Today

AUGUST 20, 2021

Ongoing Probe Has Found More Data Was Stolen Than First Suspected T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million.

Data breaches 304

Data breaches IT 304

The Last Watchdog

FEBRUARY 28, 2022

One could make the argument that Application Programming Interfaces — APIs – are a vital cornerstone of digital transformation. This has resulted in astounding innovations in cloud services, mobile computing, IoT systems and agile software development. Related: How a dynamic WAF can help protect SMBs. API complexity.

Security 266

Security IoT Digital transformation Authentication 266

Data Breach Today

MARCH 30, 2021

Malware Steals Data, Messages, Images; Takes Control of Phones Android device users are being targeted by a sophisticated spyware app that disguises itself as a "system update" application, warns mobile security firm Zimperium. The app can steal data, messages and images and take control of phones.

Security 304

Security 304

The Last Watchdog

MAY 18, 2023

Your go-to mobile apps aren’t nearly has hackproof as you might like to believe. Related: Fallout of T-Mobile hack Hackers of modest skill routinely bypass legacy security measures, even two-factor authentication, with techniques such as overlay attacks. And hard data shows instances of such breaches on the rise.

Security 202

Security Authentication Privacy Cybersecurity 202

The Last Watchdog

MAY 23, 2023

As digital transformation accelerates, Application Programming Interfaces (APIs) have become integral to software development – especially when it comes to adding cool new functionalities to our go-to mobile apps. Hackers know just how vulnerable companies are at this moment.

Digital transformation 200

Digital transformation Financial Services Encryption Communications 200

Data Breach Today

JULY 23, 2021

OIG Audit Shows Consumer Applications Inadequately Protected U.S.

Risk 327

Risk Security IT 327

Data Breach Today

FEBRUARY 23, 2021

Broken object level authorization, or BOLA, vulnerabilities are among the most common and worrisome weaknesses contained in dozens of mobile health applications used by patients and clinicians, posing security and privacy risks to health information, says cybersecurity researcher Alissa Knight.

Security 269

Security Privacy Cybersecurity Risk 269

Data Breach Today

AUGUST 23, 2021

Ongoing Probe Has Found More Data Was Stolen Than First Suspected T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million.

Data breaches 246

Data breaches IT 246

Security Affairs

MARCH 29, 2024

The company was the victim of credential stuffing attacks against its website and mobile application on November 18-19 and November 25, 2023. The company also announced the implementation of specific measures to improve the website and mobile application protection from credential stuffing attacks.

Passwords 108

Passwords Access Authentication Cybersecurity 108

Thales Cloud Protection & Licensing

FEBRUARY 21, 2024

How Thales and Red Hat Protect Telcos from API Attacks madhav Thu, 02/22/2024 - 04:55 Application programming interfaces (APIs) power nearly every aspect of modern applications and have become the backbone of today’s economy. These include breaches on major operators such as T-Mobile.

Encryption 139

Encryption Cloud Access Government 139

Data Breach Today

JUNE 17, 2020

Positive Technologies Says Popular Apps Susceptible to Hacking Vulnerabilities in a number of mobile banking applications make them susceptible to hacking and customer account data theft, according to the security firm Positive Technologies.

Security 262

Security 262

IBM Big Data Hub

FEBRUARY 26, 2024

This week, as thousands of network operators, technology vendors, and mobile device providers from all over the world converge on Barcelona for Mobile World Congress , it’s the perfect time to discuss how IBM® is shaping the future of network operations and telecommunications.

Cloud 104

Cloud Artificial Intelligence Customer Experience Retail 104

Data Breach Today

MARCH 2, 2020

For Six Days, App May Have Shown Private Messages to Other Users Walgreens' mobile app inadvertently disclosed personal messages to other customers due to an internal application error, revealing some health-related information. The company did not say how many people were affected.

260

260

IBM Big Data Hub

AUGUST 24, 2023

James opens the mobile device management software that his company is using, immediately finds Robert’s iOS smartphone in the tool, and does a remote wipe. What James has done with Robert’s lost iOS smartphone is part of mobile device management (MDM). What is mobile device management (MDM)? So what sets them apart?

MDM 68

MDM Access Security Personal data 68

Krebs on Security

AUGUST 18, 2021

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. T-Mobile hasn’t yet responded to requests for clarification regarding how many of the 7.8

Passwords 320

Passwords Data breaches Sales Phishing 320

Data Breach Today

DECEMBER 2, 2022

on What It Takes to Meet New Resiliency Requirements Resiliency is a core topic in OWASP's Mobile Application Security Verification Standard. Dan Shugrue of Digital.ai What's key context to know? Dan Shugrue of Digital.ai

Security 130

Security IT 130

Data Breach Today

DECEMBER 16, 2022

Synack Co-Founder on Why Assessing the Security of Headless APIs Is Such a Struggle APIs increasingly drive everything from web and mobile application development to IoT devices since they streamline communication among disparate systems, says Synack CEO Jay Kaplan.

IoT 130

IoT Communications Security 130

Security Affairs

APRIL 13, 2023

An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware. “Multiple mobile printing apps for Android are vulnerable to improper intent handling ( CWE-668 ).” ” reads the advisory published by the JVN.

Education 94

Education Access Cybersecurity Security 94

Data Breach Today

AUGUST 23, 2021

Ongoing Probe Has Found More Data Was Stolen Than First Suspected T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million.

Data breaches 175

Data breaches IT 175

Security Affairs

JULY 9, 2023

Both applications are file management apps from the same developer and have been discovered sending data to multiple servers in China. Below are the recommendations provided by the experts: First, we advise anyone using these applications to delete them. As an organization Sensibilize collaborators on mobile threats.

Cybersecurity 96

Cybersecurity Security Information Security IT 96

Security Affairs

FEBRUARY 14, 2024

Zoom addressed seven vulnerabilities in its desktop and mobile applications, including a critical flaw (CVE-2024-24691) affecting the Windows software. The video messaging company also resolved a high-severity escalation of privilege defect in these Windows applications, noting that it can be exploited locally, without authentication.

Authentication 124

Authentication Access IT Security 124

The Last Watchdog

SEPTEMBER 4, 2019

Organizations that are all-in leveraging microservices to speed-up application development, on the DevOps side of the house, have begun acknowledging the importance of incorporating SecOps along the way. What’s more, based on WhiteHat’s partner, NowSecure’s insight, some 70% of mobile apps were found to leak sensitive data.

Security 170

Security Customer Experience Access Security awareness 170

Security Affairs

APRIL 16, 2024

The sophisticated mobile spyware has resurfaced after several months of inactivity, the new version of LightSpy, dubbed “F_Warehouse”, supports a modular framework with extensive spying capabilities. Application inventory: Gather details about installed applications on the device.

Encryption 102

Encryption Communications Access Passwords 102

The Last Watchdog

AUGUST 28, 2023

API security has arisen as a cornerstone of securing massively interconnected cloud applications. As a fast-rising mobile ad network going toe-to-toe with Google and Facebook, Applovin has been acquiring advanced security tools and shaping new practices to manage its API exposures. “As

Security 187

Security Cloud IT 187

Security Affairs

JULY 30, 2023

Software firm Ivanti disclosed another security vulnerability impacting Endpoint Manager Mobile (EPMM), that it said actively exploited. “A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core.” ” reads the advisory published by the company.

Authentication 89

Authentication Cybersecurity Risk Government 89

Data Breach Today

JUNE 18, 2020

Popular Apps Too Susceptible to Hacking, Positive Technologies Warns Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.

Security 186

Security 186