Seven articles about mobile application security

    • Apple iMessage Vulnerability: The “5 Most Significant Mobile Data Breaches of 2021” article discusses a zero-day flaw in Apple iMessage that affected all 900 million active users of MacBooks, iPads, watches, and iPhones. This was one of the largest mobile data breaches of the year; the flaw allowed the deployment of the Pegasus spyware, giving government customers access to the target’s devices.
    • Amazon Ring Neighbors App Coding Flaw: The article “Mobile Application Security: 2021’s Breaches” at Dark Reading highlights the Amazon Ring Neighbors App breach, which was due to improper coding, and emphasizes the need for better testing of mobile applications. Insecure configurations also led to data being leaked over the network.
    • Android App Security Assessment: “Study reveals the state of mobile application security” from Security Magazine details an analysis of over 3,000 popular Android applications, focusing on the most downloaded and highest-grossing apps across 18 categories. The study, conducted during the COVID-19 pandemic, found significant security concerns in mobile apps.
    • Google Play Store App Vulnerabilities: The case study “Exposed! A case study on the vulnerability-proneness of Google Play Apps” from Springer elaborates on how many mobile apps on the Google Play store have critical security and privacy defects, putting at risk the sensitive user information shared during everyday activities like shopping, banking, and social communications.
    • Top Mobile App Security Failures: Microsoft’s DevBlogs article “Top 5 Mobile App Security Failures and How To Prevent Them” identifies the top five security failures in mobile apps: insecure data storage, insecure communication, insecure extraneous functionality, insecure client code quality, and lack of obfuscation, which can lead to reverse engineering and attacks.
    • Redistribution of Malicious Apps: The blog post “Mobile Application Security Issues and Measures to Mitigate Them” at VSoft Consulting discusses how hackers sometimes insert malicious code into the binary file of an app and redistribute it through unofficial channels, leading to the installation of compromised apps on users’ devices without their knowledge.
    • Secure File-Sharing in Banking Apps: A practical example is provided by “Mobile Security Case Study” at BankInfoSecurity, focusing on a bank’s effort to implement secure file-sharing through mobile applications, highlighting the steps taken by organizations to mitigate mobile security risks.