Tag Archive for: insecure

University of Cambridge study finds 87% of Android devices are insecure – Ars Technica

/in

Ars Technica

University of Cambridge study finds 87% of Android devices are insecure
Ars Technica
It's easy to see that the Android ecosystem currently has a rather lax policy toward security, but a recent study from the University of Cambridge put some hard numbers to Android's security failings. The conclusion finds that "on average 87.7% of
Google-funded study reveals Android security is a total disasterBGR
AH Primetime: Cambridge University Analyze Android Security RiskAndroid Headlines – Android News
Android security a 'market for lemons' that leaves 87 percent vulnerableZDNet
Digital Trends –Phone Arena –Digital Journal
all 756 news articles »

“android security” – read more

Despite reports of hacking, baby monitors remain woefully insecure

/in

Disturbing reports in recent years of hackers hijacking baby monitors and screaming at children have creeped out parents, but these incidents apparently haven’t spooked makers of these devices.

A security analysis of nine baby monitors from different manufacturers revealed serious vulnerabilities and design flaws that could allow hackers to hijack their video feeds or take full control of the devices.

The tests were performed by researchers from security firm Rapid7 during the first half of this year and the results were released Tuesday in a white paper. On a scale from A to F that rated their security functionality and implementation, eight of the devices received an F and one a D.

To read this article in full or to leave a comment, please click here

Network World Security

Moonpig jeopardizes data of millions of customers through insecure API

/in

Moonpig, a large online seller of personalized greeting cards and gifts, shut down its mobile apps Tuesday because of a security weakness that could have given hackers access to customer information.

A developer named Paul Price found that Moonpig’s API (application programming interface), the online service used by the company’s mobile apps to interact with its website, lacked basic security features.

Price found that requests from Moonpig’s Android application to the API used a static set of credentials, regardless of customer account. The only thing that differentiated requests from different users was a customer ID included in the request URL.

To read this article in full or to leave a comment, please click here

Network World Security

“You’re under arrest for possession of an insecure phone” – 60 Sec Security [VIDEO]

/in

Here’s this week’s 60 Second Security video. News you can use in a format you can enjoy…all in 60 seconds!
Naked Security – Sophos