App Security News, Articles and Updates

Remotely hosted objects used to spread Formbook malware

Cyber-criminals are once again abusing trusted applications, such as Microsoft Office, to launch multi-stage attacks inside malicious documents to deliver Formbook malware.

Researchers: Security of messaging apps breaks down during group chats

Vulnerabilities in the group communication protocols of three encrypted messaging apps - WhatsApp, Signal, and Threema - could allow attackers to willfully subvert their integrity and confidentiality.

Google Play app Dune! leaks data & geolocation

Dune! an app on the Google Play store that has been downloaded over five million times in the past few weeks, has been found to have a data and geolocation leak according to a blog post by Pradeo.

TLS implementation bug put millions at risk

A critical security bug put millions of banking app users at risk, according to researchers from the University of Birmingham.

Data on 31 million users leaked by smartphone keyboard app

After the developer of virtual keyboard app Ai.Type left a 577GB Mongo-hosted database unsecured, personal data on more than 31 million customers was exposed to anyone who has an internet connection.

Fake WhatsApp update on Google Play promoted malware disguised as game

A fake WhatsApp application that was downloaded one million times from the Google Play Store was observed advertising a malicious game app that infects users with secondary malware.

Android malware on Google Play grows botnets, launches DDoS attacks

The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks.

How to avert overlay attacks - deploy built-in app security

Applications themselves should have security built in that detects that the application is being pushed to the background says Giovanni Verhaeghe. Then any user input should be blocked and the placing overlay eliminated

WhatsApp rebuffs government request for backdoor

WhatsApp apparently refused the UK government's entreaties to build what would essentially be a backdoor into its app earlier this year.

Why apps & the rise of shadow IT are posing new threats to organisations

The app-blended lifestyle poses problems for CIOs, CISOs and those responsible for keeping an organisation safe and secure. Mike Hemes, says shadow IT is a real issue and one we can only see increasing over time.

Why security will shape the future of apps - to avoid hacked humans

In the Brave New World of augmented human cyborgs, security gets really personal, and a differentiator between who you might trust with your brain, your body and your life as Keiron Shepherd explains.

Spyware found in more than 1,000 apps in Google Play store

Android Apps on the Google Play Store have been discovered to harbour spyware originally created by an Iraqi developer. Surveillance malware records audio and steals data from users.

Google Play apps: Who can you trust with your data?

Bill Brenner identifies that typical adware has now been seen to be collecting user's personal information, including email addresses in popular Google Play apps.

PanicGuard security app found leaking user data

Wandera researchers spotted an app designed to keep users physically safe putting users at risk by leaking their information.

Putting app security centre stage in the fight against threat actors

With hackers attempting to poach valuable data and steal the limelight, Gad Elkin asks how can businesses ensure that the show goes on?

The importance of application security in an increasingly connected world

Amit Ashbel looks at application security in this new age of smartphones and IoT devices and considers the difference between hybrid and native app development and the need to write code with security in mind.

Telegram API flaw leaks 15 million Iranian users' data

App flaw, use of SMS alerts causes Telegram to lose 15 million Iranian users' data.

Wireless hack could result in Mitsubishi cars being stolen

The alarm can be disabled and the battery drained, researchers claim

WhatsApp spells problems for IP Bill with end-to-end encryption

The encrypted communications app has introduced a kind of encryption meaning even WhatsApp won't be able to look at its customers messages, but what about the government?

Android messaging apps leaking data through 'surreptitious sharing'

Vulnerability in Unix-based file permissions exposed passwords, private keys and message histories when users share images and other files.

13 Play Store apps infected with Brain Test malware

Google's Play Store has had to boot out several apps after they were found to be infected with 'Brain Test' malware.

Cycling app reveals address of British IT manager

The Strava app, designed for cycling, has revealed the home address of British IT manager Mark Leigh.