View profile

NowSecure #MobSec5 - Week of November 12

November 16 · Issue #130 · View online
NowSecure #MobSec5
As shoppers salivate over Black Friday and Cyber Monday deals, hackers are prepping for the post-Thanksgiving shopping frenzy, too. Unfortunately many of the leading digital retail and deal-finding mobile apps have security and privacy flaws that could place consumers at risk.
NowSecure analyzed 52 leading retail and deal-finding mobile apps from the Apple® App Store® and Google Play™ such as Amazon, eBay, Groupon, Target, Walmart, Wish and many others for security vulnerabilities, compliance gaps and privacy exposure. Only 27% of the apps we tested carry no or low risk, while the bulk require caution.
With 81 million U.S. residents placing e-commerce orders on Cyber Monday last year, the holiday shopping season brings in big business. Retailers would be wise to protect their brands by ensuring the security of their mobile apps by testing them prior to release. Likewise, shoppers should be careful about the digital retail apps they use and only download them from a reputable source.
And while we’re talking turkey, #MobSec5 will go on hiatus next week because of the holiday. Happy Thanksgiving to all.
Your highlights for the week are as follows:
  • Database leak exposes millions of text messages including 2FA codes
  • 60% of the top free mobile VPNs come from China
  • More fake cryptocurrency apps masquerade as the real thing
  • Google shares finding regarding mobile malware
  • Thieves capitalize on mobile banking app Zelle

A leaky database of SMS text messages exposed password resets and two-factor codes | TechCrunch
Many free mobile VPN apps are based in China or have Chinese ownership | ZDNet
More malicious cryptocurrency apps found on the Play Store | TNW
Malware on Android can be avoided according to latest Google data | We Live Security
Hackers Easily Drain Cash From Popular Banking App, Experts Warn | NBC Chicago
Did you enjoy this issue?
In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue