mobile apps

Pierluigi Paganini September 03, 2015
Company’s data at risk due to the use of mobile gambling apps

Veracode has conducted a research on the security of several mobile gambling apps and discovered a number of flaws that expose enterprises to serious risks. If you belong to a global corporation, the most probably think you will find out is that some of your colleagues have installed mobile apps that don’t belong to the […]

Pierluigi Paganini July 17, 2015
Many Android and Apple Apps allow brute force attacks

According to a recent research published by experts at the AppBugs firm many Android and Apple mobile apps allow brute force attacks. Android and Apple devices are the most used worldwide, millions of mobile users every day use the apps available in their official stores, but what if the majority of these applications are vulnerable […]

Pierluigi Paganini March 25, 2015
The Installer Hijacking vulnerability exposes 1 of 2 Android users to attack

Experts at Palo Alto Networks discovered the Installer Hijacking vulnerability that exposes half of Android users to attack via Installation Vulnerability. The security researcher Zhi Xu from Palo Alto Networks discovered a critical vulnerability, dubbed Android Installer Hijacking, affecting the Android PackageInstaller system service. By exploiting the flaw, an attacker can gain unlimited permissions on compromised smartphone and data […]

Pierluigi Paganini March 19, 2015
Mobile apps still vulnerable to FREAK attacks

Despite principal vendors have released updates to fix the FREAK vulnerability many mobile apps for Android and Apple iOS are still vulnerable. Early March, security experts discovered a critical vulnerability codenamed FREAK (CVE-2015-0204), also known as Factoring Attack on RSA-EXPORT Keys, which could be exploited by threat actors to run  man-in-the-middle attacks on encrypted traffic when Internet users visited […]

Pierluigi Paganini March 14, 2015
2,400 unsafe applications found in average large enterprise

A recent study published by Veracode on mobile security revealed that 2,400 unsafe applications are in average installed in large enterprise. Mobile devices are becoming an integral part of the enterprise architecture, security depends heavily on the use that is made with mobile devices and from the policies adopted to protect the company from cyber […]

Pierluigi Paganini February 28, 2015
FireEye Assessment of 7 Million iOS and Android Apps shows a disconcerting scenario

FireEye released a report containing the results of a comprehensive Mobile Threat Assessment of 7 Million iOS and Android Apps. According to U.S. firm FireEye, more than five billion downloaded Android apps are vulnerable to cyber attacks due to the presence of security vulnerabilities in the Android OS. Researchers at FireEye analyzed more than 7 million […]

Pierluigi Paganini February 25, 2015
McAfee Labs Threat Report – many mobile apps still vulnerable

The McAfee Labs Threat Report: February 2015 analyzes security level of mobile apps and the evolution of principal cyber threats. Last year the Carnegie Mellon University’s Computer Emergency Response Team (CERT) analyzed the level of security implemented by Android applications, in particular the experts focused their investigation on Android applications that failed to properly validate SSL certificates. The […]

Pierluigi Paganini November 28, 2014
The Twitter App Graph feature will track users mobile apps for commercial purposes

Twitter announced app graph, it will now track every mobile app its users have Installed on their smartphones and tables.  Privacy advocates arise. Twitter announced the implementation of the “app graph” function that will allow the company to provide “more personal Twitter experience” by serving targeted advertisements by serving targeted advertisements. This means that also Twitter, like […]

Pierluigi Paganini November 11, 2014
Masque Attack – every iOS app could be compromised

Researchers at FireEye identified a new attack dubbed the Masque, which allows attackers to replace a genuine app with a malicious one. In these days Apple the community has discovered that is vulnerable to WireLurker, a new strain of malware that is able to infect Apple iPhone and iPad syphoning user’data. The malware was discovered for the […]

Pierluigi Paganini May 10, 2014
Federal Trade Commission – Watch out to Health and Fitness Apps

The Federal Trade Commission debated on the privacy ramifications of consumer generated and controlled health data, following data on mobile apps. The Federal Trade Commission has recently released the disconcerting results of a study conducted on 12 mobile health and fitness apps, focusing the analysis on the way they manage users’ personal information. Let me anticipate that […]