Collaborate Disseminate
Traditional, downloadable, applications are becoming less common as cloud services expand. Instead, organizations and consumers are turning to programs they can use from any connected device: web applications. Web applications allow organizations to ac… Continue reading Improving Security in Web App Development
A few years ago, Netsparker CEO Ferruh Mavituna gave a talk at Infosecurity Europe, a major security conference. He spoke about why organizations need to scale their web security operation and how automation can play a key role. Securing web apps manua… Continue reading Scaling-Up and Automating Web Application Security
Reading Time: 5 minutes Containerization can create a pathway to secure digital transformation. Discover how to make a business case for container security.
The post Considering Container Security? 6 Ways to Make a Case for Containerization appeared first on Security Intelligence.
Continue reading Considering Container Security? 6 Ways to Make a Case for Containerization
Ever since Bill Gates fired off his famous Trustworthy Computing memo in January 2002, developing secure software has been a hot topic of discussion. It was important before then, for sure, but it was often overlooked. It took a series of high-profile … Continue reading NIST proposes Secure Software Development Framework
New research has revealed that apps are snooping on data such as location and unique ID number – even when users haven’t given permission. Continue reading Rogue Android apps ignore your permissions
Ad scammers are impersonating the Indian mobile network operator Jio, which has roughly 314 million subscribers, to trick Android users into downloading apps that are nothing more than malicious software, according to research published this week. Researchers from Symantec discovered 152 Android apps that promise to provide downloaders with free data boosts, but in fact flood device screens with advertisements in order to make a buck, the security vendor said in a blog post Wednesday. The programs appear with names like My Jio 4G and My Jio Offers, or other variations on the legitimate MyJio app. The malicious apps have been downloaded more than 39,000 times since January. The discovery reaffirms how insecure Android apps can leverage users’ phones in ways they never intended. The issue is especially pervasive in developing countries like India, where analysts have predicted that 829 million people will connect to the internet via smartphone by […]
The post Scammers are spreading fake Jio apps to generate advertising revenue appeared first on CyberScoop.
Continue reading Scammers are spreading fake Jio apps to generate advertising revenue
An Android game with more than 50,000 downloads from the Google Play Store attempts to collect scores of data from users’ Google accounts — including Gmail usernames and passwords — alongside other dubious behaviors, according to forthcoming research provided exclusively to CyberScoop. Researchers from the mobile security company Wandera have identified the app, called “Scary Granny ZOMBY Mod: The Horror Game 2019,” as a malicious program that launches persistent full-screen advertisements on users’ phones, and asks some to enter their Google credentials. Upon receiving a victim’s username and password, the program automatically logs into users’ Google accounts and collects personal data for a purpose that researchers are still trying to determine, according to Michael Covington, vice president of product at Wandera. “There is no doubt in my mind that this app is malicious and puts private user data at risk,” he said. “It’s logging into the profile section of your Gmail and […]
The post A zombie game with 50,000 Play Store downloads is pulling sensitive data from Gmail appeared first on CyberScoop.
Continue reading A zombie game with 50,000 Play Store downloads is pulling sensitive data from Gmail
Digital scammers are stealing victims’ personal information in new ways, preferring rogue mobile applications and account takeover attacks after a generation of using phishing as their primary hacking technique. Fraud attacks from rogue mobile applications increased by more than 300 percent, up to 41,313 incidents in the first quarter of this year from 10,390 events in the fourth quarter of last year. The figure represents 50 percent of the attacks detected in a fraud report released Wednesday by RSA, with phishing attacks making up 29 percent, trojan horses at 12 percent and brand abuse at 9 percent. Phishing attacks increased by less than 1 percent from one quarter to the next. That jump in rogue apps coincides with an uptick in research from other security companies reporting malware that steal victims’ information by appearing as legitimate programs. VidMate, an Android app that allowed users to download videos from services like […]
The post Fraud via rogue apps exploded by 300 percent in just a few months appeared first on CyberScoop.
Continue reading Fraud via rogue apps exploded by 300 percent in just a few months
While smartphones and tablets have become more ubiquitous in the workplace, organizations are flat out ignoring mobile security risks.
The post Mobile Security Risks Are on the Rise, But Employers Continue to Cut Corners appeared first on Security Intelligence.
Continue reading Mobile Security Risks Are on the Rise, But Employers Continue to Cut Corners
To avoid malware, always get hardware and software from authorized and reputable sources and vendors, right? But what happens when those same sources actually contain or deliver malicious payloads?
The post What Happens When Malware Sneaks Into Reputable Hardware, Applications and App Stores? appeared first on Security Intelligence.