The rapidly evolving COVID-19 emergency has set off a global race to trace, and Synopsys offers key considerations for track and trace application development.
Posted in Application Security, Building secure software, Mobile App Security, Public Sector Cyber Security
We dig into the inner workings of trustlets, how different components work together to provide a Trusted Execution Environment, and how to attack them.
Posted in Mobile App Security, Security news and research, Software Security Research
5G security is top of mind for those who recognize that 5G is going to be higher risk. Fuzzing is one of the leading testing techniques for securing 5G.
Posted in Fuzz Testing, IoT Security, Managing security risks, Mobile App Security
Mobile apps often protect themselves via internally developed controls and commercial products. Learn about how some controls work and how to sidestep them.
Posted in Mobile App Security, Webinars
There’s a lack of robust mobile app security on billions of devices people carry around. Why is it such a problem, and what can developers do to solve it?
Posted in Mobile App Security
A CISO having a bad day finds out the hard way that cutting corners on software security testing might end up costing him more than he saved.
Posted in Mobile App Security, Web Application Security
The software flaws and weaknesses on our top 10 software vulnerability list for 2019 are easy to find and fix with the right application security guidance.
Posted in Mobile App Security, Web Application Security
The Golden Cup app on Android targeted World Cup fans with a spyware campaign dating back to January aimed at members of the Israeli Defense Force (IDF).
Posted in Mobile App Security, Public Sector Cyber Security
Google started releasing monthly security updates for Android back in August 2015. Modern Android devices show you the latest monthly patch level that has been applied. The responsibility for deploying the patches ultimately falls on original equipment manufacturers (OEMs) and carriers, who need to test the security updates on their devices to ensure that they do not break any functionality. Google does provide updates for its Nexus and Pixel devices directly to end users, but given how Android is designed, Google cannot simply push out arbitrary security updates to all Android devices. Do OEMs have to push out updates? The problem is that OEMs and carriers are responsible not only for pushing out the updates but also for displaying the latest month for which Google’s monthly updates have been applied to a device. There may be legitimate reasons why an OEM or carrier may choose not to push out a security update for a particular type of device. For example:
Posted in Mobile App Security
A Synopsys survey reveals that the security of customer-facing web and mobile apps is the top security challenge for IT professionals in Asia.
Posted in Mobile App Security, Web Application Security