Mobile Threat Research – WindowsTechs.com

MITRE Adds Appthority as CVE Numbering Authority (CNA)

Posted on September 10, 2018 by Seth Hardy

On Sep 7, 2018, MITRE announced that Appthority has joined 89 other organizations as a CVE Numbering Authority (CNA). Appthority is the first CNA that is focused on enterprise mobile threat research, and we’re proud of this designation. We look f… Continue reading MITRE Adds Appthority as CVE Numbering Authority (CNA)→

Appthority Discovers Thousands of Apps with Firebase Vulnerability Exposing Sensitive Data

Posted on June 14, 2018 by Kevin Watkins

Appthority has discovered a significant mobile data vulnerability related to Google Firebase which has resulted in the exposure of a wide range and large amounts of sensitive data through thousands of mobile apps. The exposure is not due to malicious c… Continue reading Appthority Discovers Thousands of Apps with Firebase Vulnerability Exposing Sensitive Data→

ZipperDown: Remote Code Execution Attack on iOS Apps

Posted on May 22, 2018 by Su Mon Kywe

On May 15, 2018, Pangu Lab announced the ZipperDown vulnerability, which allows a remote code execution attack on iOS apps. Although Pangu Lab did not disclose the details of the ZipperDown vulnerability, we can infer from its researcher’s public… Continue reading ZipperDown: Remote Code Execution Attack on iOS Apps→

RSA App Exposes User Data Due to Common Developer Mistake

Posted on April 26, 2018 by Michael Bentley

Late last week security researchers found the RSA security conference exposing conference attendee data via vulnerabilities in its mobile app. Because a 3rd party developer had hard coded data – including security keys and passwords – in th… Continue reading RSA App Exposes User Data Due to Common Developer Mistake→