Football season has finally kicked off and we’re cheering on our favorite teams, both real and fantasy. In preparation for fantasy football season, NowSecure analyzed the risk level of 60 publicly available fantasy sports mobile apps and found that 38% had high and/or critical vulnerabilities. Find more details and analysis results here.
Here are your highlights from this week:
- Czech Technical University’s CivilSphere project finds leaked location data from commonly used clock and weather Android app
- Google Play erroneously removes popular crypto-mining app, MinerGate, after it complies with new on-device mining rules
- NIST working on updated mobile security guidelines to address gaps in previous guidance
- YouTube releases dark mode version of its’ app for Android
- Compilation of leaks and rumors ahead of Apple’s ‘Gather Round’ event on September 12th
- Five intelligence agencies from different countries band together to ask tech companies for more cooperation in law enforcement matters
- Google’s Android Enterprise team details recommended requirements for rugged devices
Subscribe now to receive #MobSec5 updates each Friday in your inbox.
“In this blog, we report some key issues on the ‘Transparent clock & weather’ android application after assessing the network traffic generated by it. In our analysis we found: How a seemingly benign application may leak sensitive information that may put users at risk. We provide details about how the information is leaked. We examine what an attacker may be able to do if is able to retrieve this information.”
Many NowSecure customers leverage our automated test engine to keep track of where a mobile app is sending data. See for yourself, request a demo today.
“Google’s updated terms of service for the Play Store, bans on-device cryptocurrency mining apps. Unfortunately, it’s incorrectly removed a compliant app.”
“Android users are reporting that YouTube is finally getting dark mode. Version 13.35.51 should ship with the option to turn dark mode on or off.”
NIST to Update Mobile Security Guidelines
“‘Michael Ogata, computer scientist at NIST’s applied cybersecurity division, said initial guideline lacked information from other parts of agency or partner security infrastructure, as well as definite statements on application security requirements that should be considered during the vetting process.'”
NowSecure experts stay on top of the latest research and security recommendations because mobile app security is our passion. If you are looking to improve your mobile appsec program, we are happy to knowledge share.
“As Apple’s September 12th event draws near, more supposed leaks and rumors about the 2018 iPhone lineup make headlines. AppleInsider has compiled a list of the leaks, as well as giving some of our own thoughts and opinions on the matter.”
‘Five Eyes’ Agencies Demand Reignites Encryption Debate
“Privacy concerns have been raised after a coalition of intelligence agencies renewed a call for technology companies to allow backdoor access to encrypted content and devices.”
“The power of enterprise mobility goes far beyond the office. Mobility is transforming every industry, from field services and warehouses, to retail stores and manufacturing plants. In these tougher environments, companies need rugged devices that can keep working through harsh conditions and remain up-to-date over deployments that often last five years or more.”
If you want to receive #MobSec5 updates each Friday in your inbox, subscribe now.