CAPITALISING ON UBER'S LONDON MISADVENTURE

Tue 17 October 2017 By David Stewart

Category: Business, Mobile App Authentication, Threats

RIVAL CAB COMPANIES ARE QUICK TO MOVE, BUT CYBER CRIMINALS MAY BE QUICKER

Read More

UNINTENTIONAL UNPINNING WITH FIREBASE

Mon 28 August 2017 By Barry O'Rourke

Category: Integration, Mobile App Authentication, Threats

Google's Firebase provides comprehensive set of analytics services for developers to integrate with their apps. On Android the basic functionality is enabled simply by integrating the desired plugins. No code changes required.

Read More

SWIPE LEFT TO SCRAPE

Tue 02 May 2017 By Richard Taylor

Category: Scrapers, Bots, Threats

Yesterday morning security forums reported news that an AI researcher had published a dataset of 40,000 photos that had been scraped from the dating app Tinder. The purpose was simply to extract a real world data set that can be used for training Convolutional Neural Networks (CNN) to tell the difference between men and women. This seems innocent enough, although the author's choice of variable naming caused a bit of a stir. He quickly changed the variable name "hoe" to "subject" soon after the story broke. Apparently this original naming was inherited from the Tinder Auto-Liker code.

Read More

RICHER CLIENT, POORER SECURITY?

Wed 19 April 2017 By Richard Taylor

Category: News, Mobile App Authentication, Threats

(Image courtesy of Steve F)

Read More

GRAND THEFT AUTO IRL: TESLA AND NISSANS INSECURE AUTOMOTIVE APPS

Wed 12 April 2017 By Richard Taylor

Category: Mobile App Authentication, Threats

(Image by Nam-ho Park)

Read More

ADAPTING OAUTH2 FOR INTERNET OF THINGS (IOT) API SECURITY

Thu 30 March 2017 By Skip Hovsmith

Category: Mobile App Authentication, Threats

On Friday, 21 October 2016, multiple waves of distributed denial of service (DDoS) attacks shut down major internet services across the United States and Europe. The attacking botnet army consisted mainly of printers, IP cameras, residential gateways, and baby monitors infected with Mirai malware. Mirai targets IoT devices, and though each individual IoT device was not very powerful, taken together these devices did significant damage. For many mainstream internet users, the need for strong IoT security became painfully obvious.

Read More

THERE'S A FAKE APP FOR THAT

Tue 10 January 2017 By Skip Hovsmith

Category: Repackaged Apps, Threats

The well-respected Coach brand stands for authenticity, innovation, and relevance. They are a luxury brand, so you might be a bit surprised to find in mid-October that the Coach mobile app in the iTunes App Store was offering an extra 20 percent off bags, shoes and accessories. Act fast but watch out, because Coach doesn't really have an iPhone app!

Read More

THE RISE OF DDoS

Tue 18 October 2016 By Richard Taylor

Category: Mobile App Authentication, Threats

The attack on the website of Brian Krebs and the release of the Mirai malware source code demonstrates the challenges that face the anti-bot world. At its peak, the Krebs on Security DDoS attack was generating 620Gbps of traffic, mostly from IoT devices. With the ever increasing number of internet connected devices, and their current security shortcomings, it should come as little surprise that the scale of DDoS attacks is increasing.

Read More

SECURING POKÉMON

Tue 26 July 2016 By David Stewart

Category: Mobile App Authentication, Reverse Engineering, Threats

A massive success, a staggered worldwide release, ravening hordes of eager adults (and children) with an obsessive urge to catch ’em all. I am of course talking about Pokémon GO from Niantic.

Read More

Page 2 of 2