Wireless / Mobile Security — News

Security roundup: Steve Jobs, Apple and IT security; DDoS attacks against VoIP; a hot week for SIEM

By Ellen Messmer | 08 October, 2011 05:38

This week the respectful thoughts of many turned to Steve Jobs, the legendary co-founder of Apple, who passed away at the age of 56. When it comes to security, Apple computers were remarkable for the kinds of troubles they largely didn't have in comparison to Microsoft-based computers with their high rate of enterprise adoption that the Apple Macintosh never achieved. Microsoft operating systems and applications over time have been relentlessly targeted by attackers if only because Microsoft products constituted a large field of malware opportunity due to their huge market acceptance, plus the number of vulnerabilities discovered in them month after month.

HTC breach a reminder on mobile security

By David Braue | 07 October, 2011 15:58 | 1 Comment

It's hardly the kind of thing any company wants attached to its name, but HTC's rapid acknowledgment of confessed "serious" security exploit, discovered and published this week by security researchers, may ultimately help deflect criticisms and will, regardless, serve as a valuable reminder to CSOs that mobile devices represent a new and still-evolving security threat within the enterprise.

Which smartphone is the most secure?

By Spencer McIntyre | 07 October, 2011 06:01

These days, it is almost impossible to meet someone who doesn't own a cell phone. More specifically, smart phones, whether it be the trendy iPhone, corporate favored Blackberry or modern Windows Mobile, almost everyone has joined the smart phone frenzy -- and with good reason. A smart phone offers more advanced computing ability and connectivity than a contemporary phone.

Android's big security flaw, and why only Google can fix it

By Robert Lemos | 06 October, 2011 21:06

In August 2010, hackers bent on jailbreaking Android smartphones found a vulnerability in the way the Android debugger handled an overwhelming number of processes. The code designed to exploit the flaw, dubbed RageAgainstTheCage, allowed users to reflash their smartphone and install custom firmware.

Laptops walking out the door of policy-free firms

By David Braue | 06 October, 2011 14:24 | 1 Comment

Concerned that your employees are being a bit lax when it comes to looking after their laptops? Steal them yourself, one vendor has advised in the wake of yet another damning security report that suggests laptops and other equipment are literally walking out of Australian companies that are still operating at far below world's best practice when it comes to device security.

Can we ever close the USB security gap?

By David Braue | 05 October, 2011 21:00 | 1 Comment

When something as seemingly esoteric as USB security can hit a mainstream cartoon like Dilbert, you know it’s a real issue. But it’s also one that has been poorly addressed by many companies, whose employees seem to be losing data through this largely unpoliced security hole faster than your Uncle Barry going through $2 coins at the local TAB.

Mobile security threats are heating up

By George V. Hulme | 06 October, 2011 00:56

According to industry analysts, mobile device shipments will exceed a billion devices in 2015 and will rapidly outrun PC shipments. That's great news for end user convenience, mobility, and work-anywhere productivity. But it also means that enterprises must brace for the fact that the bad guys will target these devices with attack exploits, spyware, and rogue applications.

WiFi users blissfully ignorant about real security, research finds

By Bob Brown | 06 October, 2011 06:43

New research conducted on behalf of the Wi-Fi Alliance shows that while wireless users are making strides on the security front, they’re still leaving their Wi-Fi networks too open to intruders.

iPad data LP: Security savior or strong-arm tactic

By Tom Kaneshige | 05 October, 2011 03:17

It's a late night, and you've fired up Facebook on your ACME.com company-owned iPad to post some bad news. "A reduction in workforce is going to happen this week," you type into your update status field and tap the post button.

XSS web attacks could live forever, researcher warns

By Lucian Constantin | 05 October, 2011 01:55

Websites that accidentally distribute rogue code could find it harder to undo the damage if attackers exploit widespread browser support for HTML5 local storage and an increasing tendency for heavy users of Web apps never to close their browser.

Flash Player 11: Adobe's great security hope

By Stilgherrian | 04 October, 2011 08:59

Flash Player 11 should fix plenty of security holes, just like Adobe Reader X did a year ago. But Adobe's products will continue to be a target as long as people insist on running obsolete software.

Massive Security Vulnerability in HTC Android Phones Claimed

By John P. Mello Jr. | 03 October, 2011 19:14

Security researchers say they've uncovered a flaw in several smartphone models produced by HTC that gives any application that has Internet access the keys to a trove of information on the phone, including e-mail addresses, GPS locations, phone numbers, and text message data.

IBM X-Force: Mobile devices are a fast growing target of malware

By Tim Greene | 30 September, 2011 09:42

Look for double the mobile exploits this year vs. 2010 and particularly watch out for mobile applications that are really malware, says IBM's X-Force security research team.

IBM: Don’t bully the ‘idiots’ who fall for phishing

By Liam Tung | 30 September, 2011 07:11

IT professionals should stop mocking their users for doing seemingly stupid things like opening phishing emails, according to IBM. These un-patchable people could turn out to be the canary that flags the next Advanced Persistent Threat attack.

Amazon's Silk browser raises privacy, security eyebrows

By Gregg Keizer | 30 September, 2011 06:39

Amazon's new Silk browser has raised some eyebrows among privacy and security experts.

Russian company adds BlackBerry password cracker

By Jeremy Kirk | 29 September, 2011 20:52

A Russian security company has upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion's BlackBerry devices.

Rema Tip Top studies tablets following security upgrade

By Hamish Barwick | 26 September, 2011 09:43

Automotive and industrial products company Rema Tip Top Australia has begun the process of a tablet review following the implementation of a new firewall system.

iPhone 5 dream a BYO security nightmare

By David Braue | 29 September, 2011 12:17 | 2 Comments

If your company is like most, you've been wrestling carefully with the security protections necessary to manage demand for bring-your-own (BYO) computing policies. You may even work at Suncorp or one of the other organisations, that have embraced the idea as a way to reduce IT costs and boost employee satisfaction.

Catching up with mobile security threats

By Elisabeth Horwitt | 29 September, 2011 08:29

Development of enterprise mobile apps has been moving more slowly than development of consumer-facing apps, according to Gartner. One main reason is IT leaders' concerns about the security of mobile devices, which are often employees' personal devices, and are vulnerable to being lost, hacked or stolen. While there are plenty of established tools and practices for keeping Web visitors from straying (or hacking) into sensitive corporate data, managing security across a diverse set of mobile devices remains a challenge, IT experts say.

Tips for better mobile security

By Matt Rodgers | 26 September, 2011 12:25

In the last 18-months, the mobile computing landscape has changed completely. People are bringing their own computers to the office and carrying smartphones and tablet devices that are as powerful as desktop computers were only a short while ago. Here’s how to make sure these devices don’t compromise your organisation.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

SECURE Web Gateway

Balancing the requirement for strong network security with the need to harness collaborative web technologies is essential for business growth.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.