RSA App Exposes User Data Due to Common Developer Mistake

RSA App Exposes User Data Due to Common Developer Mistake

Late last week security researchers found the RSA security conference exposing conference attendee data via vulnerabilities in its mobile app. Because a 3rd party developer had hard coded data – including security keys and passwords – in the RSA Conference application, a researcher was able to use an API to ... Read More
SOCKS Proxy SDKs a New Risk for Enterprises

SOCKS Proxy SDKs a New Risk for Enterprises

As an alternative to advertising, monetization SDKs are being used in apps in Google Play that utilize the phone as a SOCKS proxy. Appthority has already confirmed one major enterprise incident response based on the use of one of these SDKs and the traffic exiting the device. These SDKs present ... Read More
Using Machine Learning to Find Fake MyEtherWallet Apps

Using Machine Learning to Find Fake MyEtherWallet Apps

Fraudulent Apps are Efficient for Attackers Malware authors have two options to get a user to install a malicious app: invest the time that it takes to build some new and useful functionality or impersonate an app with a brand and leverage its implied usefulness and the trust of the ... Read More