Two-thirds of iOS apps don’t use App Transport Security
Most iOS apps don’t take advantage of App Transport Security (ATS), a networking security feature offered by Apple that ensures encrypted connections between apps and …
mobile apps
Google will check apps by new developers more thoroughly
In an attempt to thwart Android developers who are set to distribute malicious apps through Google Play, Google will be taking more time when reviewing apps by developers with …
Consumers willing to dump apps that collect private data, but can’t tell which are doing so
Consumers are increasingly leery of third parties using and capitalizing on their private data. Two in three consumers are willing to dump data-collecting apps if the …
The privacy risks of pre-installed software on Android devices
Many pre-installed apps facilitate access to privileged data and resources, without the average user being aware of their presence or being able to uninstall them. On the one …
Two thirds of Android antimalware apps are ineffective or unreliable
Choosing an effective Android antimalware app is a shot in the dark for many users and they may end up in more danger of malicious apps, not less. In fact, as the results of …
OSSPatcher: Automated mobile application patching for bugs in open source libraries
Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile …
The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …
Facebook to shut down iOS app that allowed for near total data access
When Apple banned its Onavo VPN app from its App Store last summer, Facebook took repackaged the app, named it “Facebook Research” and offered it for download through three …
Vulnerable Android password managers make phishing attacks easier
Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant …
Stealthy cryptomining apps still on Google Play
Researchers have flagged 25 apps on Google Play that are surreptitiously mining cryptocurrency for their developers, and some of these have still not been removed, they warn. …
