API ABUSE IN 2017 (PART 3)

Mon 19 February 2018 By Barry O'Rourke

Category: Business, Aggregators, CheatingAsAService, A Series - API Abuse, Threats

Two particularly challenging forms of API abuse are Aggregation and Cheating as a Service. In both these cases your own users are enabling and sometimes funding the individuals and organizations...

Read More

API ABUSE IN 2017 (PART 2)

Tue 13 February 2018 By Barry O'Rourke

Category: Business, Scrapers, Account Hijacking, Fake Accounts, A Series - API Abuse, Threats

Our first batch of business level attacks are Data Scrapers and Account Hijack. We also take a look at the lucrative business of Fake Account Factories.

Read More

API ABUSE IN 2017 (PART 1)

Fri 09 February 2018 By Barry O'Rourke

Category: Business, A Series - API Abuse, Threats

2017 has seen our customers tackling a wide range of abuse and misuse of their Mobile APIs. We are seeing multiple approaches where the business process transparency provided by APIs has resulted...

Read More

THE SPECTRE OF THE ZYGOTE

Wed 10 January 2018 By Richard Taylor

Category: Threats

In part1 of this blog I provided an overview of the Meltdown and Spectre and in this blog I look at the potential impact for mobile security.

Read More

YOU JUST NEED TO SPECULATE TO EXFILTRATE

Tue 09 January 2018 By Richard Taylor

Category: Threats

There is much to discuss in the wake of the security news flow last week. It was dominated by the Meltdown and Spectre CPU bug announcements — 2018 has certainly got off to an interesting start....

Read More

IF YOU CAN'T MAKE IT, FAKE IT

Wed 22 November 2017 By Shona Hossell

Category: Threats, Mobile App Authentication, Business, Bots

As many social media platforms continue to experience incredible growth in popularity, the supporting apps, and the APIs that service them, remain top targets for bad actors. The ability to...

Read More

CAPITALISING ON UBER'S LONDON MISADVENTURE

Tue 17 October 2017 By David Stewart

Category: Mobile App Authentication, Threats, Business

RIVAL CAB COMPANIES ARE QUICK TO MOVE, BUT CYBER CRIMINALS MAY BE QUICKER

Read More

UNINTENTIONAL UNPINNING WITH FIREBASE

Mon 28 August 2017 By Barry O'Rourke

Category: Threats, Mobile App Authentication, Integration

Google's Firebase provides comprehensive set of analytics services for developers to integrate with their apps. On Android the basic functionality is enabled simply by integrating the desired...

Read More

SWIPE LEFT TO SCRAPE

Tue 02 May 2017 By Richard Taylor

Category: Scrapers, Bots, Threats

Yesterday morning security forums reported news that an AI researcher had published a dataset of 40,000 photos that had been scraped from the dating app Tinder. The purpose was simply to extract a...

Read More

RICHER CLIENT, POORER SECURITY?

Wed 19 April 2017 By Richard Taylor

Category: Mobile App Authentication, Threats, News

(Image courtesy of Steve F)

Read More

Page 1 of 2