Mocana's Weekly News Roundup, Ed 18
App and tech security breaches have run amuck this week. Hackers are tapping into more and more diversified outlets in order to steal users' information. One in particular, was using an APK installation under the guise of a Microsoft Word document.
Before installing anything on your phone (even if it's on an app), be wary of its origin.
Make sure you have the most updated security, and stay informed on where breaches have occurred. The technology to secure applications is slow-going, as awareness is still needed for buy-in. We invite you to explore some of Mocana's solutions, which provide airtight security for your corporate apps.
To read more on these topics, check out our links for the Roundup below:
While this is a "decidedly old-school approach to infecting mobile devices," the Android malware has infected hundreds of users in China. By using the Microsoft Word icon and getting the user to download the file, it is in reality "going through an APK installation process leading to infection."
Swiftkey is a popular app that can be placed on phones, or a cloud service with themes and actually have the app "remember your typing style on various devices." From utilizing HTTPS to moving to Amazon, they discuss how this has helped them secure sensitive data.
NY Daily News
Many attacks from Androids and iPhones have shown no device or OS is fully secure. In lieu of this, on every phone there are vulnerabilities to be aware of, including clicking suspicious links and stealing credit card numbers on transactions.
While the "application security field is still developing," the need for security tools is present. Hackers are finding multiple ways to take advantage of application vulnerabilities. This article shows a detailed list of top vendors to look for for "better defenses against application attacks."
A vulnerability in United's app "sat unpatched for almost six months before it was fixed." This was in an API endpoint exposing information on any MileagePlus frequent flier program member. This was discovered by researcher Randy Westergren back in May, who has discovered many other bugs in web and mobile applications.
A white hat hacker was able to breach VTech's security and steal the information of thousands of children and their information, including "names, genders, birth dates, mailing addresses and the contents of their private chats." Since, the electronics giant has "corrected its server susceptibilities and says it is taking added steps to bolster security."
We value your input as a reader; let us know your thoughts in the comments here or tweet us @mocana.