We here at Appthority want to send out a big thank you to all those who stopped by our Risky Business party (co-hosted by MobileIron) or booth last week during RSA. We had a busy and productive conference week filled with a lot of great conversations and interesting sessions and keynotes. There was a lot of interest in our new Winter 2014 App Reputation Report with a breakdown on the security and privacy behaviors behind the top 400 iOS and Android apps to assess the state of mobile app security. As BYOD continues to get attention, we also heard from a lot of journalists interested in the impact of mobile app risk on enterprises and consumers. Over 100 articles came out covering the findings from our report.... Read More »
If you rely on an iPhone, iPod Touch or iPad, now is a great time to install iOS 7.0.6. Without that update, you could be enabling hackers to intercept what should be secure communications between your device and SSL protected websites – we’re talking about email and login credentials.
Mac computers are also impacted and Apple is expected to release a patch for OSX in the near future.... Read More »
Just last week, the National Cyber Security Alliance promoted its internationally recognized annual holiday, Data Privacy Day. The theme of Data Privacy Day, “Respecting Privacy, Safeguarding Data, and Enabling Trust,” came just on the heels of new revelations from the N.S.A. around how they target mobile.
According to the New York Times, the National Security Agency let it slip that they use mobile apps as a method to access personal information. These “leaky apps” such as the popular gaming app Angry Birds give away things such as smartphone identification codes and pinpointed locations throughout the day.... Read More »
It was recently discovered that the Starbucks app was storing usernames, email addresses and password in clear text (unencrypted), making this information identifiable to anyone with access to the app-holder’s phone and a computer. By connecting the phone to a computer, credential information and a list of geolocation tracking points of the account were readily accessible. The app used the convenient “save credentials” feature that allowed users to save their information. As a result, users wouldn’t have to re-enter their username and password with every use. This revelation sent shockwaves through the consumer community.... Read More »
In case you missed it, Apple has set a deadline for app developers to have their apps optimized for iOS7 by February 1, 2014. This means that after the deadline, apps or updates to existing apps will only be accepted for review by Apple if they are built with the latest version of Xcode5.
Apple is eager for developers to adapt to iOS7 so users can take full advantage of the iOS7 experience. As a way to tell developers that they won’t be limiting their user pool, Apple has posted iOS7 adoption rate figures on their developer website. Current rate? It stands at 79 percent.... Read More »
Appthority has had several interesting discussions with a number of the global automotive companies, which have the foresight to think about app security, These companies are taking time to analyze (not for just mobile malware, mobile viruses, etc.) and secure apps but looking at mobile apps before they are allowed to enter the networked car ecosystem. Having conducted thorough security analysis on over two million mobile apps for its enterprise customers, Android and iOS alike, Appthority looks forward to the days of protecting (through App Risk Management, mobile malware detection, etc.) the connected vehicles of the future.... Read More »
Happy New Year! We here at Appthority have put together a few of our own predictions. We gave you a teaser in our blog post on financial security predictions. As promised, here are some others.
1. Tensions will rise
As you may have read in Larry Seltzer’s article in ZDNet, Appthority’s chief architect and co-founder, Kevin Watkins, explains his prediction that tensions will increase between IT departments and end users as businesses move toward adopting technologies that will approve apps as they are downloaded.... Read More »
This week in mobile app security news, the Federal Trade Commission took a stand against nonconsensual data collection and sharing. Popular Android flashlight app, Brightest Flashlight Free, was caught collecting and sharing personal information to third-party sources without user knowledge or consent. As a response, the FTC filed a complaint against the app maker, Goldenshores Technologies LLC.... Read More »
In a recent interview with Gartner analyst, Anton Chuvakin, Tracy Kitten from Information Security Group discussed Chuvakin’s predictions on the security climate for next year, focusing on mobile and cloud security for financial institutions.
Chuvakin made it very clear that mobile security was a greater concern than cloud security for financial institutions, because it’s not standard practice to store sensitive data in the cloud yet. As mobile technology adoption continues to proliferate, Chuvakin explained, so do the risks.... Read More »
The U.S. Food and Drug Administration (FDA) recently issued final guidance for developers of mobile medical apps, announcing it intends to focus its oversight on a subset of mobile medical apps presenting greater risk to patients if they don’t work as intended. While the FDA acknowledges that medical apps have numerous advantages for the health care industry and its patients, they also want to help protect against apps that carry risks if they don’t operate correctly. Jeffrey Shuren, director of the FDA’s Center for Devices and Radiological Health explained that the “mobile medical app policy provides app developers with the clarity needed to support the continued development of these important products.”... Read More »