Software Integrity

Archive for the 'Mobile Application Security' Category

 

Fixing the CVE program, your personal data checking out and taking flight

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Fixing the CVE program, your personal data has already “checked out,” and it even “may potentially” have taken flight. Watch this week’s episode below to […]

Continue Reading...

Posted in Mobile Application Security, Weekly Security Mashup

 

Golden Cup was a world cup of trouble

Nobody with any connection to, or interest in, the FIFA World Cup can say they weren’t warned. In the days leading up to the quadrennial world championship of European football (or soccer), security experts put the word out constantly that everybody involved—players, organizers, staff, and spectators (including those watching on TV or online)—would be a […]

Continue Reading...

Posted in Mobile Application Security, Privacy

 

Are Android OEMs responsible for the gap in mobile security updates?

Google started releasing monthly security updates for Android back in August 2015. Modern Android devices show you the latest monthly patch level that has been applied. The responsibility for deploying the patches ultimately falls on original equipment manufacturers (OEMs) and carriers, who need to test the security updates on their devices to ensure that they […]

Continue Reading...

Posted in Mobile Application Security

 

Apps security the top challenge for customer-facing mobile and web applications research shows

A new Synopsys survey reveals that customer-facing web and mobile applications are the top security challenge for IT professionals in Asia. From Sept. 19 to 21, 2017, Synopsys conducted a survey at Singapore International Cyber Week (SICW), the region’s most established cyber security event. We spoke to 244 C-level IT professionals, managers, and executives in […]

Continue Reading...

Posted in Mobile Application Security, Web Application Security

 

Demystifying Android’s SafetyNet Attestation at Black Hat Europe 2017

Many app developers have questions like “Is the device my app runs on reliable? Is it trustworthy? Could it be ‘rooted’?” Answering questions such as these can be difficult. In an area traditionally dominated by root detection products and DIY techniques, Google attempts to respond to this request: “OK Google, what do you think about […]

Continue Reading...

Posted in Mobile Application Security

 

iPhone X Face ID: Evaluating the security of biometric systems

Several frameworks have been proposed to evaluate the security of biometric systems. Popular ones include the simpler Ratha’s framework [1] and the enhanced Bartlow and Cukic framework [2]. To employ these frameworks to evaluate iPhone X’s biometric security, we need a lot of data points that we don’t have yet. We won’t speculate on the […]

Continue Reading...

Posted in Mobile Application Security

 

How secure is iPhone X Face ID facial recognition?

Written in coordination with Grant Douglas Facial recognition is one of the most widely and commonly used forms of biometric access control. Unlike other biometric systems, the information a face contains has a multitude of versatile applications. This information can be used to identify a subject’s gender, ethnicity, age, and even emotional state. A large […]

Continue Reading...

Posted in Mobile Application Security, Software Architecture and Design

 

3 tips to ramp up your mobile application security

Modern mobile device users often have their devices tightly integrated into daily life. From banking apps to social media feeds, these applications are high visibility targets for hackers and thieves looking to exploit weaknesses or hijack vulnerabilities. By ramping up mobile app security, vendors ensure the safety and security of their users and their infrastructure. […]

Continue Reading...

Posted in Mobile Application Security

 

Automotive security goes beyond the car

There’s been a fair share of attention paid to the security inside the connected car. There’s also been a significant uptick in new devices and apps that communicate with the vehicle from afar. These devices and apps use traditional means of communication (e.g., Bluetooth, Wi-Fi, etc.). They also make some very common software mistakes. For instance, […]

Continue Reading...

Posted in Automotive Security, Mobile Application Security

 

Is a career in application security consulting right for you?

In January 2016, Forbes announced that there were one million job openings in cyber security. The shortage of talent has continued to mount while demand is expected to increase to six million globally by 2019. You may be intrigued by the idea of security consulting but aren’t sure how to transition or break through. If […]

Continue Reading...

Posted in Mobile Application Security, Web Application Security