News

Most businesses have a strong focus on maintaining a clean and safe working environment, especially in critical sectors. No medical practitioner who values the lives of their patients would take a shortcut on handwashing and surface sterilization protocols. No one working with hazardous materials who values their own life would skip out on protective equipment. Even in sectors like education and retail, hygiene is still a top priority.

Yet in the same environments where clinical hygiene is maintained, cyber hygiene is often left to chance, especially when it comes to mobile device security.

Mobile devices are no longer just simple communication tools, they are now seen as essential to frontline operations. This means they are also a priority target for cybercriminals searching for weak points to breach corporate networks.

As the mobile threat grows, cybersecurity hygiene needs to be held to the same standard as physical workplace hygiene. It must be routine, deeply embedded, and intolerant of shortcuts - not an afterthought.

Mobile devices such as smartphones, tablets and wearables are considered mission-critical in many sectors. From healthcare to education to energy, workers are increasingly relying on mobile for core operations.

Healthcare clinicians access patient health records via mobile apps, teachers engage their classes through interactive displays, and field engineers manage critical infrastructure through connected devices.

However, while this raft of mobile devices brings more agility and efficiency, it’s also greatly expanding the attack surface of these sectors – and cybercriminals have noticed. The risk facing mobile devices has grown dramatically in recent years, both in volume and sophistication.

Over 33.8 million mobile-specific attacks were detected globally in a single year - a figure that continues to rise as threat actors capitalize on mobile’s expanding footprint in enterprise environments.

These attacks exploit the lapses in cyber hygiene that persist across mobile fleets. Devices are frequently assumed to be safe by default or dismissed as low risk. Mobile devices running outdated operating systems, unpatched applications or lacking endpoint protection are commonplace. Password reuse and the absence of multi-factor authentication (MFA) further elevate the risk.

In many cases, mobile endpoints have become the soft underbelly of the corporate network - widely used, minimally monitored, and inconsistently secured. Just as unwashed hands can carry invisible pathogens, mobile devices can harbor unseen threats. And when routine protections are skipped, exposure becomes inevitable.

Despite their ubiquity, mobile devices are still perceived as fundamentally different from traditional endpoints.

Most workers have internalized a cautious approach to browsing, installing apps, and clicking incoming files and links when using their desktop and laptop devices, perhaps due to their association with a formal working environment.

However, for many users, mobile is seen as a more personal experience. This encourages a more relaxed attitude, adding to the idea that they’re somehow less “exploitable” than other endpoints.

This perception encourages complacency, with less consideration about potential threats like malicious attachments and applications. Further, mobile devices are often used interchangeably for personal and business tasks, blurring the lines between secure and vulnerable environments.

Threat actors actively exploit this mindset, especially with phishing, which remains the most common and effective method of compromise.

Mobile-specific variants, such as smishing (SMS phishing) and malicious app prompts, are particularly successful due to shortened URLs, limited screen space, and the absence of familiar desktop visual cues. These tactics are often paired with spyware, adware and data-harvesting malware that can linger undetected for long periods.

Organizations can inadvertently reinforce this risky mindset by failing to include mobile in core security strategies. Policies and protections that are standard on other endpoints, from patch management to access controls, may be absent or inconsistently applied on mobile.

This operational divide would never be tolerated in physical settings where protective measures are standardized and enforced across every tool and surface. It’s time for mobile cybersecurity to adopt the same attitude - no exceptions, no assumptions.

Many of the vulnerabilities exploited in mobile attacks stem from lapses in basic cyber hygiene - failures entirely preventable with consistent, well-enforced practices. Addressing these gaps doesn’t require breakthrough technology, but rather a disciplined approach to configuration, maintenance, and user behavior.

Mobile devices should be fully integrated into enterprise risk management frameworks, with the same diligence applied to laptops, and servers. That includes vulnerability assessments, asset inventory, incident response planning, and compliance checks.

At a minimum, all mobile devices should be kept up to date with the latest operating system and application patches. This is frequently overlooked, particularly in BYOD environments, where IT has limited visibility or control.

Mobile device management (MDM) or unified endpoint management (UEM) platforms can help organizations enforce policies around software updates, encryption and app whitelisting across every device.

Credential hygiene is equally critical. Strong passwords, enforced MFA, and discouraging reuse across services, all help reduce account-based compromise. Endpoint protection tools that scan for malicious links or payloads should extend beyond desktops and laptops to mobile devices as standard.

User education is an essential component alongside the right tools and policies. Employees must understand how to recognize phishing attempts, avoid unauthorized app installations, and report suspicious activity. Organizations can dramatically reduce their mobile risk exposure when people and policy align.

Physical hygiene is upheld as a system-wide discipline in the workplace. It is embedded in training, processes and culture, because the alternative is unacceptable risk. That same principle should govern how we approach mobile security.

Mobile devices now sit at the intersection of convenience and criticality, and treating their security as secondary is no longer viable. These devices are full-fledged endpoints, with access to sensitive systems and information, and they deserve to be treated accordingly.

Like any surgical instrument or critical tool, mobile assets must be kept clean, controlled, and protected, without exception.

We list the best small and medium business (SMB) firewall software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

We’re living in a world of relentless uncertainty. For compliance teams, this uncertainty normally only means one thing - cybersecurity risk. Against this backdrop, you might think that the volatility of the global economic landscape would be the primary cause of compliance issues for firms this year. But does this environment in fact increase the danger of other risks?

In March this year, our report gauged the opinions of 300 regulatory leaders from around the world on global trends involving market abuse and trade surveillance. One of the key findings was that the majority (64%) of regulatory professionals said cybersecurity risks were most likely to cause compliance issues in the next year. Next up was, unsurprisingly, global economic uncertainty (58%), followed by increasing regulatory complexity.

Given that a lot has happened already this year, does this ranking remain the same? Or are other market drivers playing a bigger role than expected?

AI, of course, lies at the heart of tech-driven risks. It has become both compliance’s enemy and ally. While AI trading models are designed to optimize for profit and increase efficiency, their rapidly accelerating sophistication means that they have the potential to become increasingly unpredictable. As AI-driven trading strategies interact with one another, market movements become harder to control and forecast. This is just one of the reasons why the benefits of AI tools also bring significant risks.

These dangers explain why proprietary trading firms, who rely on high-frequency, algorithmic trading strategies, were especially concerned by tech-driven risks, with 70% of respondents picking it as a key issue for this year.

Simultaneously, however, AI is becoming a great aide to compliance teams. Effective surveillance now depends on machine learning and AI to detect nuanced and initially obscure connections between instruments, firms or markets. These insights can support compliance professionals in detecting increasingly sophisticated forms of market abuse, while also reducing false positive alerts – a major resource-drain on monitoring teams.

Of course tech-driven risks aren’t just limited to AI. Off-channel electronic communications (eComms), where employees communicate via unmonitored apps like WhatsApp or Signal, present major compliance risks, while the increase in regulatory clarity around digital assets, such as the second part of EU’s MiCA regulation which came into force in December 2024, means their journey towards the mainstream is only likely to accelerate.

What’s true, however, is that global uncertainty heightens these risks.

Global economic unpredictability has undoubtedly been the story of 2025 so far. US trade tariffs, geopolitical conflicts, supply chain disruption and economic volatility have created a trading environment where the next move can be impossible to ascertain. But it’s also the case that this uncertainty is becoming more accepted, with regulators and firms adapting to ensure they are set up to withstand any unexpected twists and turns in the market.

So how do firms mitigate against this uncertainty from a regulatory perspective? One approach is to ensure you have stringent and robust trade surveillance controls in place. Over the last few years, instead of predominantly levying fines for abuse, regulators have been focusing on insufficient eComms recordkeeping and trade surveillance systems and controls.

Our report illustrated how trade and eComms surveillance fines accounted for over three quarters ($1.4 billion) of total enforcement action in 2024. There has also been a widening of who global regulators have been targeting, with firms of all sizes – not just the tier one banks – being handed stiff financial penalties.

Some events are impossible to predict. Global uncertainty is always a factor, so robust controls are needed to mitigate risk and maintain compliance. Current compliance technology is already advancing to manage this rising range of risks, with features such as conditional parameters that can adapt to market volatility and liquidity, or sandbox environments to test new configurations in a controlled, low-risk setting. These developments are a crucial step in building systems that can respond to the complexities of risk in today’s markets and ensure firms can keep on top of regulatory requirements.

With eComms and trade surveillance coming under particularly intense regulatory scrutiny, the compliance strategies that integrate trade and eComms data together are the ones best placed to manage risks this year. While trade data offers quantifiable evidence of suspicious activity, the intent behind it often lies in communications data. By adopting such an integrated approach, compliance teams can spot abuse that might not otherwise be apparent and build comprehensive cases.

It’s too early to call what risks are causing the most compliance issues this year. But there is no question the three areas highlighted by regulatory professionals in our report align with the current compliance reality. Rather than weighting one risk above another, however, what compliance strategy calls for more and more is the need for an integrated and holistic approach that accounts for the relationships between these risks.

Of course, it is necessary to have an awareness of what risks are a particular problem at a given time. But an integrated approach can bring to light risks that would otherwise remain hidden. Above all, what it comes down to is control: when outside events are deeply unpredictable, regulatory processes and systems that are robust, well designed and executed efficiently are worth their weight in gold.

We list the best IT Automation software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Three zero-day flaws in Ivanti CSA solutions were abused to grab login credentials
• The group likely sold the access to French government devices
• Researchers are attributing the attacks to Chinese state-sponsored miscreants

In late 2024, Chinese state-sponsored threat actors abused multiple zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices to access French government agencies, as well as numerous commercial entities such as telcos, finance, and transportation organizations.

The news was recently confirmed by the French National Agency for the Security of Information Systems (ANSSI), which noted threat actors were abusing three security vulnerabilities in Ivanti CSA devices: CVE-2024-8963, CVE-2024-9380, and CVE-2024-8190.

All three were zero-days at the time, and all were used to steal login credentials and establish persistence on target endpoints. Apparently, the miscreants were deploying PHP web shells, modifying existing PHP scripts to inject web shell capabilities, and installing kernel modules that served as a rootkit.

Get 55% off Incogni's Data Removal service with code TECHRADAR

Wipe your personal data off the internet with the Incogni data removal service. Stop identity thieves
and protect your privacy from unwanted spam and scam calls.View Deal

The attacks were attributed to a group tracked as Houken which, in the past, was seen actively exploiting vulnerabilities in SAP NetWeaver to drop a variant of GoReShell backdoors called GOREVERSE.

This group, the researchers claim, bears many similarities to an entity tracked by Google’s Mandiant team as UNC5174.

"While its operators use zero-day vulnerabilities and a sophisticated rootkit, they also leverage a wide number of open-source tools mostly crafted by Chinese-speaking developers," French researchers said. "Houken's attack infrastructure is made up of diverse elements -- including commercial VPNs and dedicated servers."

Apparently, Houken isn’t exclusively focused on western targets. In the past, it was observed targeting a wide range of government and education organizations in Southeast Asia, China, Hong Kong, and Macau.

For Western targets, they were mostly focused on government, defense, education, media, and telecommunications.

It is also worth mentioning that in the French case, it is likely that there were multiple threat actors involved, with one group acting as an initial access broker, and a separate group purchasing that access to hunt for valuable intelligence and other sensitive data.

Via The Hacker News

• Critical Ivanti Cloud Service Appliance flaw exploited in the wild
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

• Samsung has accidentally revealed storage and RAM amounts for the Galaxy Z Fold 7, Galaxy Z Flip 7, and Z Flip 7 FE
• The Galaxy Z Fold 7 will seemingly come with more RAM than its predecessor in the top configuration
• A leak has also shown off some Z Fold 7 and Z Flip 7 cases, some of which have magnets

Despite Samsung’s best efforts to stop them, phone leaks are inevitable, but usually, it’s leakers intentionally sharing details rather than the manufacturer accidentally doing so.

In the case of the Samsung Galaxy Z Flip 7 and Samsung Galaxy Z Fold 7, though, we’ve now encountered two accidental leaks from Samsung itself.

The first was the sharing of some colors on Samsung’s Irish website, and now leaker Roland Quandt has spotted a terms and conditions document on a Turkish Samsung site, which mentions RAM amounts and storage capacities for these upcoming phones.

The document states that the Galaxy Z Fold 7 comes with 12GB of RAM paired with either 256GB or 512GB of storage, and that there's also a 16GB version with 1TB of storage. Those storage capacities are the same as the Samsung Galaxy Z Fold 6, but in all cases, that phone comes with 12GB of RAM, so at the top end, you should be able to get more with the Z Fold 7.

Next up, the Samsung Galaxy Z Flip 7 is listed as having 12GB of RAM and a choice of either 256GB or 512GB of storage. Those are the same specs as the Samsung Galaxy Z Flip 6.

There are also Galaxy Z Flip 7 FE specs listed here, with the phone said to have 8GB of RAM and come in a choice of 128GB or 256GB of storage.

Since this all comes directly from a Samsung site, these details are almost certainly accurate, but we still can’t be 100% certain until Samsung announces the specs on July 9 – and it’s possible, too, that some regions will have different configurations to others.

In any case, we’ve also now seen leaked case renders for the Galaxy Z Flip 7 (shared by Android Headlines) and Galaxy Z Fold 7 (shared by NieuweMobiel).

These don’t reveal much about the phones that we haven’t already seen or heard, but it’s worth noting that some of the cases include magnets, which means that these phones will probably both have the same magnetic charging support as the Samsung Galaxy S25 series.

Specifically, you’ll probably be able to magnetically attach chargers and other accessories, much like with Apple’s MagSafe system, except the magnets won’t be built into the phones themselves, so you’ll need to equip them with a magnetic case first. If so, that would be disappointing but not surprising.

Samsung is expected to unveil all of these phones at the next Galaxy Unpacked on July 9, so we should find out exactly what they have to offer very soon.

• How to watch Samsung Galaxy Unpacked on July 9: get ready for new foldable phones and more
• Gorgeous leaked photos give us our best look yet at the super-slim Samsung Galaxy Z Fold 7
• A massive new Samsung Galaxy Z Fold 7 and Z Flip 7 leak suggests we could see some serious upgrades at next week's Unpacked

• Pilou Asbaek has outlined what fans can expect from his villain in Foundation season 3
• The Mule is an incredibly powerful antagonist who threatens Empire and The Foundation
• The series newcomer has also revealed why it's so fun to play villainous characters

Foundation season 3 will introduce the show's most terrifying villain yet in The Mule – and actor Pilou Asbaek has teased what viewers can expect from his take on the fan-favorite antagonist.

Speaking to TechRadar ahead of Foundation's return on July 11, Asbaek revealed that his version of the character will be something of a departure from how he's depicted in Isaac Asimov's original book series.

In Asimov's best-selling novels, The Mule is a weedy individual who proves looks can be deceiving. Indeed, The Mule is one of the most powerful Mentalics – humans who possess incredibly potent psychic abilities – to ever live in Asimov's fictional universe. Due to his weak appearance, he's constantly underestimated by his foes, which allows him to conquer vast swathes of the galaxy before The Imperium or The Foundation can muster a response to the growing threat he poses.

The Mule retains his telepathic superpowers in Apple's live-action adaptation. But, as Foundation season 3's official trailer revealed, he's a far more physically imposing character than in the books.

"He needs to be a big, immediate threat to Empire and The Foundation," Asbaek told me of the decision to make The Mule taller and more muscular in the Apple TV+ space opera. "So, he's physically different. He's a pretty big, wide guy who's also more roguish, brutish, and impolite than he's described in Asimov's brilliant books."

The Mule's altered build is less of a surprise when you think back to last season. As I covered in my Foundation season 2 ending explained piece, The Mule makes a brief cameo before the finale's end credits sequence rolls. The unhinged villain, who was played in that scene by Mikael Persbrandt before he was replaced by Asbaek as part of a season 3 cast shake-up, was similarly tall in stature. So, there's some continuity between Persbrandt and Asbaek's iterations of the character from a physical perspective.

Nevertheless, Asbaek is well aware that some long-time fans of Asimov's literary works might take exception to how The Mule is depicted in one of the best Apple TV+ shows. Perhaps unsurprisingly, he's already prepared himself for any potential backlash.

"I've done a few adaptations – Ghost in the Shell and Game of Thrones (GoT), for example – so I've been down that path," he mused. "I know that some people will like it [my take on The Mule] and some won't, but it's my job to make the best possible version in collaboration with the creative team.

"I didn't know Mikael had done it, but I knew of the show and what I wanted to bring to the character," he added. "It's the same thing as someone doing an adaptation of a Shakespearean play. We've seen a million different versions of Hamlet, so this is just my interpretation of The Mule."

As for how The Mule differs from GoT's Euron Greyjoy, the unlikeable and power-hungry character that Asbaek played in one of the best HBO Max shows, or any other villain he's played, Asbaek said: "He's probably the most human one I've ever played. He's got the biggest storyline I've had with playing a villain, but he's also the most chaotic, tortured soul of of them all. I'm not going to spoil it, but I can say you'll get a sense of why [that's the case].

"At the end of the day, he's just a little boy who wants to be loved," Asbaek continued. "I was very inspired by French novel 'The Little Prince'. That's also the reason why he [The Mule] wears a red coat, because I wanted to look like the Little Prince, who comes to our world because he wants to know what it is to be human and have emotions. That's the only thing that The Mule doesn't have. He's one of a kind and, throughout this season, you'll find out what happens when he doesn't get what he wants."

Are you excited to see Asbaek as The Mule? Let me know in the comments. And, before the sci-fi epic's next installment arrives, read my Foundation season 3 review to see if it's better than its predecessors.

• 'We're the last to find out': Foundation stars don't know if it'll return for season 4 – but they haven't given up hope for the Apple TV+ show's renewal
• Prime Video users, rejoice! Save big on Apple TV+ and watch these 4 shows with 85% or higher Rotten Tomatoes scores using this Amazon add-on deal
• These are the best Apple TV+ movies to watch today