Security news aggregator

Latest coverage for Mobile

Mobile security covers threats to smartphones and tablets, including malicious apps, data theft, account compromise, and insecure wireless connections.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Mobile security covers the protection of smartphones, tablets, and closely related handheld devices, including their operating systems, applications, wireless connections, and stored data. These devices combine personal and business information with cellular, Wi‑Fi, Bluetooth, and location services, and often provide access to cloud and corporate systems.

Material risks include malicious or over-privileged applications, phishing and fraudulent authentication prompts, unpatched operating-system or baseband vulnerabilities, and exposure after a device is lost or stolen. Security teams typically reduce these risks through timely updates, approved application sources, encryption, strong screen locks and phishing-resistant authentication where supported, and mobile-device management that enforces policy and can remove access or wipe business data. Application permissions and device telemetry also require privacy controls, particularly when personal and corporate data share the same device. Mobile vulnerability disclosures and incidents may require checking device models, operating-system versions, applications, and management coverage rather than treating all mobile devices as equivalent.

Showing 10 most recent headlines Filtered view

Letters to FCC prove what many believed, but don't address a bigger problem US mobile carriers know a lot about where their customers are located, and according to letters sent to the Federal Communications Commission (FCC), they routinely store such data for years, willingly hand it over to law enforcement if served a proper subpoena, and say users can't opt out.…

Judge says that servers being located in Singapore is not a get-out clause A ruling handed down from the Delhi High Court this week declared that Telegram must hand over information such as IP addresses, mobile numbers, and devices used by channels on the platform involved in copyright infringement.…

Spoiler: They used hard-coded AWS credentials Massive amounts of private data – including more than 300,000 biometric digital fingerprints used by five mobile banking apps – have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers.…

Krebs on Security 3 years, 10 months ago

How 1-Time Passcodes Became a Corporate Liability

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world's largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.