Inc Ransomware Exploits SonicWall SMA Zero-Days
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
Mobile security covers threats to smartphones and tablets, including malicious apps, data theft, account compromise, and insecure wireless connections.
Search across headline titles and summaries.
Background for this topic.
Mobile security covers the protection of smartphones, tablets, and closely related handheld devices, including their operating systems, applications, wireless connections, and stored data. These devices combine personal and business information with cellular, Wi‑Fi, Bluetooth, and location services, and often provide access to cloud and corporate systems.
Material risks include malicious or over-privileged applications, phishing and fraudulent authentication prompts, unpatched operating-system or baseband vulnerabilities, and exposure after a device is lost or stolen. Security teams typically reduce these risks through timely updates, approved application sources, encryption, strong screen locks and phishing-resistant authentication where supported, and mobile-device management that enforces policy and can remove access or wipe business data. Application permissions and device telemetry also require privacy controls, particularly when personal and corporate data share the same device. Mobile vulnerability disclosures and incidents may require checking device models, operating-system versions, applications, and management coverage rather than treating all mobile devices as equivalent.
Weekly headline count for the current query.
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plug-in, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react.
Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.
Even organizations with users unwilling or unable to adopt iOS 26 can now protect themselves from a severe mobile OS-cracking tool.
The April/May zero-day exploitations of Ivanti's mobile device management platform meant unprecedented pwning of thousands of orgs by a Chinese APT — and history will probably repeat itself.
Iran's top state-sponsored APT is usually rather crass. But in a recent spate of attacks, it tried out some interesting evasion tactics, including delving into Snake, an old-school mobile game.
People habitually ignore cybersecurity on their phones. Instead of compensating for that, organizations are falling into the very same trap, even though available security options could cut smishing success and breaches in half.
With SMS, voice, and QR-code phishing incidents on the rise, it's time to take a closer look at securing the mobile user.
New features to take over smartphones and monitor user activity demonstrate the continued evolution of the malware, which is now being spread on GitHub.
A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions.
Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called "PerfektBlue."
Following a breach at the country's top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements.
While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.
Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is still intermittent in some areas.
A hacker exploiting the security flaw in the mobile provider's network could have potentially located a call recipient with accuracy of up to 100 square meters.
The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" — for now — and stem from open source libraries.
An analysis of more than a half-million mobile apps find encryption problems, privacy issues, and known vulnerabilities in third-party code. What can users and developers do?
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.
The malware, first discovered in 2016, has been updated over the years, and the latest version is now hiding in the firmware of counterfeit mobile phones.