12 Feb 2021

Mobile Health Apps Found to Expose Records of Millions of Users

A recent analysis of 30 popular mobile health applications has concluded that many expose the full patient records to millions of people due to API vulnerabilities. The research was conducted by Alissa Night with Knight Ink, on behalf of mobile API protection firm Approov. The applications were still vulnerable to

Read More
04 Feb 2021

Concerns Over API Security Grow as Attacks Increase

Salt Security has released a report on API security that found 66% of organizations reported that they have slowed deploying an app into production because of API security concerns. This marks the second time in recent months that researchers are warning of application program interface threats to enterprise security. The

Read More
06 Jan 2021

Crypto-Hijacking Campaign Leverages New Golang RAT

An emerging operation leverages a new Remote Access Tool (RAT) that is designed to steal crypto-currency from users. Since January 2020, ElectroRAT, as named by Intezer, has been active in a full marketing campaign complete with applications, social media accounts and websites. The RAT is written in Golang and is

Read More
21 Jul 2020

Mac Cryptocurrency Traders Targeted by Trojanized Apps

According to security experts, four trojanized cryptocurrency trading apps have been distributing malware that targets cryptocurrency wallets and collects data from Mac users’ browsing habits. Mac users are the primary victim of the malicious apps, which drain victims’ cryptocurrency wallets after download. The fake applications are called Cointrazer, Cupatrade, Licatrade,

Read More
26 May 2020

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

Veracode’s annual State of Software Security report has revealed that researchers found 70 percent of applications available online contain at least one security flaw stemming from the use of an open-source library. This can arguably be attributed to a lack of awareness about where and how open source libraries are

Read More
25 Feb 2020

Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data

German software engineer Tommy Mysk has developed rogue proof of concept (PoC) app called KlipboardSpy to demonstrate how any cut and paste data stored temporarily on an iPhone or iPad’s memory can be accessed by all apps installed on the specific device. This means that malicious apps could potentially have

Read More