Collaborate Disseminate
Symantec acquired Appthority whose technology gives Symantec customers the ability to analyze mobile apps for both malicious capabilities and unsafe and unwanted behaviors, such as vulnerabilities, risk of sensitive data loss, and privacy-invasive acti… Continue reading Symantec acquires Appthority to enhance protection from mobile application vulnerabilities
On Sep 7, 2018, MITRE announced that Appthority has joined 89 other organizations as a CVE Numbering Authority (CNA). Appthority is the first CNA that is focused on enterprise mobile threat research, and we’re proud of this designation. We look f… Continue reading MITRE Adds Appthority as CVE Numbering Authority (CNA)
Today Appthority released our Q2 Enterprise Mobile Security Pulse Report. The report looks at three areas of interest to enterprise mobility and security teams: 1) the most common iOS and Android apps in enterprises, 2) th… Continue reading Q2 Appthority Pulse Report Finds Chat Apps Most Popular, Risky & Blacklisted Apps
This is the Shared Security Weekly Blaze for July 2nd, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions and Silent Pocket. This episode was hosted by Tom … Continue reading The Shared Security Weekly Blaze – Mobile App Data Leaks, The California Privacy Act, Third-party Gmail Access
Appthority published research on its discovery of a new HospitalGown threat variant that occurs when app developers fail to require authentication to Google Firebase databases. Appthority security researchers discovered the HospitalGown vulnerability i… Continue reading 3,000+ mobile apps leaking data from unsecured Firebase databases
Appthority released its latest report: Q4 Appthority Pulse Report Finds Tinder and Instagram Added to Enterprise Blacklists. In fact, there’s rather more to it than Tinder and Instagram. If you aren’t sure whether to jump straight in and gi… Continue reading Apps: enterprise blacklist data
Appthority released its Enterprise Mobile Security Pulse Report for Q4 2017, which details the apps most frequently blacklisted by enterprise mobility and security teams. Most blacklisted apps For iOS devices, popular dating app Tinder made the list of… Continue reading Apps most frequently blacklisted by enterprise security teams
Developers using the Twilio platform to build enterprise mobile communications apps have put call and text data at risk for exposure. Continue reading Eavesdropper Vulnerability Exposes Mobile Call, Text Data
Enterprises blacklist apps for a range of security concerns, including specific malicious or data leakage behaviors, security policy compliance and concerns about shadow data storage. Appthority revealed the most frequently blacklisted apps by mobility and security teams. Top blacklisted apps For iOS devices, WhatsApp Messenger, Pokémon GO and WinZip were the top blacklisted apps. For Android, Poot-debug(W100).apk, an Android System Theme, and Where’s My Droid Pro topped the list. In Q3, Android apps that were … More → Continue reading Top blacklisted Android and iOS apps by enterprises
A newly discovered backend data exposure vulnerability, dubbed HospitalGown, highlights the connection between mobile apps and insecure backend databases. Appthority documented more than 1,000 apps with this vulnerability, and researched in detail 39 applications with big data leaks, which exposed an estimated 280 million records. These records were accessible as a result of weakly secured backends and did not require authentication of any kind to access the data. “HospitalGown poses a direct risk to enterprises, … More → Continue reading Vulnerability affecting 1,000+ apps is exposing terabytes of data