The recently-discovered KeyRaider malware harvested more than 225,000 login credentials by targeting jailbroken iPhones, making it the largest known Apple account theft caused by malware, according to researchers from Palo Alto Networks.
Spanish telecom provider Telefonica and mobile identity firm TeleSign are partnering to offer enterprises and service providers a suite of services to address mobile authentication and fraud prevention.
A survey of more than 1,000 federal workers by mobile security firm Lookout found that nearly 40 percent of respondents ignore policies prohibiting mobile device use, putting sensitive data at risk.
Android lock patterns, which Google introduced as an alternative to passwords, are not necessarily harder to guess or more secure than passwords.
Apple devices are popular with enterprises because of their reputation for rock-solid security. Yet, Apple had to plug a staggering 71 security holes in its latest update to its mobile operating system.
While many IT security pros fret about moving sensitive corporate data to the cloud, a recent survey IT security pros at last week's Black Hat security conference found that they are more worried about endpoint security risks.
The fingerprint data for HTC's One Max smartphone was stored as a bitmap file "in plaintext and in a world-readable place" with permissions that made it accessible from other apps, according to FireEye researchers.
Attackers could gain unrestricted access to hundreds of millions of Android devices made by major manufacturers by exploiting a zero-day vulnerability in the architecture of mobile remote support tools, mobile threat researchers from Check Point Software Technologies told an audience here Thursday at the BlackHat security conference.
Fifteen zero-day vulnerabilities have been discovered so far in 2015, all of them in Adobe and Microsoft products, according to a report released by security firm Secunia on Thursday at BlackHat.
A researcher from Trend Micro reported a flaw in more than half of Android smartphones that an attacker could exploit to render an Android phone "apparently dead – silent, unable to make calls, with a lifeless screen."