Forrester Report: Why to automate AppSec now.

Tag: Android

Android WebView: Are Secure Coding Practices Being Followed?

Android WebView: Are Secure Coding Practices Being Followed?

WebViews are very common on the Android applications. There are clear WebView security best practices, but are they being implemented? With our previous blog post in mind, Android WebView: Secure Coding Practices, we wanted to understand how security best practices in WebViews are being implemented in the wild. Are the apps with WebViews, currently available on

Read More ›

Get Freebies by Abusing the Android InApp Billing API

Get Freebies by Abusing the Android InApp Billing API

Security researchers started talking about vulnerabilities in the Android InApp Billing API years ago, but we found it worthwhile to take another look to see how it has improved (or not) and verify the best way to build security into the application. The Android InApp Billing API is a powerful part of the Android framework that allows

Read More ›

Smart Bulb Offers Light, Color, Music, and... Data Exfiltration?

Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?

Smart bulbs are widely known as a successful offering in home automation and IoT products, as they are internet-capable light bulbs that allow home users to customize the colors, schedule on and off times, and control them remotely. Some even play music and could improve your sleep. Any device that can wireless connect with phone

Read More ›

Navigation Apps: Leading the Way? Or Following You?

Navigation Apps: Leading the Way? Or Following You?

In the United States alone, 84% of adults are using navigation applications, according to a recent Gallup poll. Whether they’re downloading it in an app store or the navigation capability is already built into the car, these navigation tools are taking us to the grocery store, to our grandparents’ house, to job interviews, and everywhere

Read More ›

Meet NFCdrip – a New Security Concern for Air-Gapped Systems

Meet NFCdrip – a New Security Concern for Air-Gapped Systems

Air-gapping means physically isolating a secure computer from unsecured networks, such as the public Internet or an unsecured local area network. The concept of air-gapping represents just about the maximum protection one network can have from another, other than actually turning off the device. Typically, military or governmental computer systems, financial computer systems, industrial control

Read More ›

Jump to Category