July 13 · Issue #112
|
Your highlights from the mobile app security world this week include:
- A decade in, a look back at how App Store changed the game
- IBM & Ponemon Institute release the 2018 Cost of a Data Breach Study: Global Overview
- Texas A&M researchers find web API hijacking risks within mobile apps
- Highly targeted campaign using corrupt open source MDM discovered in India
- Test run of new iOS 12 Screen Time feature produces positive results
- iOS 11.4.1 is out and includes bug fixes and security improvements
- Vendor vulnerability disclosure process under Senate scrutiny after Spectre and Meltdown stumbles
- And More!
|
Apple’s iOS App Store changed the way we think about software | Engadget
“Ironically, Steve Jobs was firmly against the idea of iPhones running third-party software – as Walter Isaacson wrote in his acclaimed Jobs biography, the Apple co-founder ‘didn’t want outsiders to create applications for the iPhone that could mess it up, infect it with viruses or pollute its integrity.’ ”
Steve Jobs’ initial concern about allowing third-party software into the iPhone ecosystem was prudent, even if end-user demands made it unrealistic. As we celebrate a decade of the App Store this week, click here for data regarding what types of mobile app risks and vulnerabilities NowSecure still finds most frequently.
|
Cisco's Talos Intelligence Group Blog: Advanced Mobile Malware Campaign in India uses Malicious MDM | Talos
“In social engineering attacks the victim is tricked into clicking accept or giving the attacker physical access to a device. This campaign is of note since the malware goes to great lengths to replace specific mobile apps for data interception. Talos has worked closely with Apple on countering this threat. Apple had already actioned 3 certificates associated with this actor when Talos reached out, and quickly moved to action the two others once Talos tied them to the threat.”
|
The Average Cost Of A Data Breach Is Highest In The U.S. [Infographic] | Forbes
“The research also found that the efficiency in identifying an incident and the speed of the response has a huge impact on its overall cost. On average, it took companies 197 days to identify a data breach and 69 days to contain it.”
The study found that organizations that had deployed automated security solutions saved, on average, $1.55 million more per breach than those that had not. NowSecure experts work with organizations at every phase of the mobile appsec journey, from jumpstarting a new program to improving an existing one. You can download the full 2018 Cost of a Data Breach Study sponsored by IBM and conducted by Ponemon Institute here.
|
Apple releases iOS 11.4.1 with USB Restricted Mode | Ars Technica
“Today, Apple released iOS 11.4.1 for iPhones and iPads—a small update that fixes a couple bugs and introduces a new security feature. This is the fifteenth update since iOS 11 released last September. It’s available to the same devices as iOS 11.4—the iPhone 5S and later, the iPad Air and later, the iPad mini 2 and later, and 2015 iPod touch.”
|
Senators question vulnerability disclosure process after Spectre and Meltdown stumbles | Cyberscoop
“Lawmakers are pondering what can be done to improve the complex vulnerabilities disclosure process, which involves spreading enough word among vendors to address a bug but not so much as to risk leaking information before patches are ready.”
|
Team finds many of mobile applications are open to web API hijacking | Phys Org
“Gu and his team analyzed 10,000 mobile apps and found that many of them are open to web API hijacking—something that potentially affects the privacy and security of tens of millions of business users and consumers globally.”
Check out the SUCCESS Lab to learn more about the Texas A&M team’s research and publications.
|
I Used Apple’s New Controls to Limit a Teenager’s iPhone Time (and It Worked!) | The New York Times
“Over the last three weeks, I studied Sophie’s phone use patterns along with mine. After determining the apps that we spent extraordinary amounts of time on — Sophie spent hours each day chatting with friends on Snapchat, and I wasted too much of my life reading Twitter — I placed a few time limits on each of us.”