Researchers have discovered a new exploit that could let hackers secretly hijack your phone while you’re using it. They successfully carried out proof of concept attacks on multiple versions of Android, up to the 7.1.2 build of Nougat.
Applications are the key to end-user computing, but they haven’t always been the industry’s focus. Security fears around BYOD and the consumerization of IT put the spotlight on mobile device management and, later, EMM. And the flood of major software vendors into that market kept our attention there for much of the past decade.
Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should also be keeping up with application security.
Imagine this. You work in the finance department of a large US-based company. You have a number of manufacturers and service providers based around the world who you regularly do business with. It’s not unusual for you to receive invoices from the companies for the services or goods that they have supplied to your firm.
FOR HACKERS, SCANNING for an open “port”—a responsive, potentially vulnerable internet connection on a would-be victim’s machine—has long been one of the most basic ways to gain a foothold in a target company or agency. As it turns out, thanks to a few popular but rarely studied apps, plenty of smartphones have open ports, too. And those little-considered connections can just as easily give hackers access to tens of millions of Android devices.
Some 61,000 employees across the globe are using Google-powered mobile devices at the workplace, said Google, which outlined its approach to mobile security in a new white paper.
Reports Thursday (April 20) highlighted a company blog post by the tech conglomerate detailing the three tiers of enterprise mobility security Google deploys to safeguard those employees and employer data.
Uber hid its fingerprinting of iPhone users from Apple – techniques that would have had any other app thrown out of Apple's store. Uber retained the information even after the Uber app had been deleted and the phone had been wiped. Uber CEO Travis Kalanick got a personal reprimand from Apple CEO Tim Cook, but the app stayed put, and Uber continues to use fingerprinting worldwide.