Tag Archive for: mobile

Secure Your Mobile App Security With These 10 Essential Practices


The more we advance to a new era of the digital age, the more we are exposed to cyber threats. Using mobile apps has become a part and parcel of our daily lives and sharing our info sometimes becomes necessary. In this aspect, ensuring the security of these digital gateways has become an absolute imperative.

According to the Global Mobile Threat Report 2023, there were more 80% of phishing sites heavily targeted mobile devices and apps. Moreover, yearly Android apps display 500-900 vulnerabilities and iOS around 300 vulnerabilities in the past few years. This is quite worrisome. Similarly, a report by Promon says that 77% of global digital payment apps are exposed to malware and other cyber threats. With these reports, it is sure that investing on strong mobile app security is important.

As smartphones intricately integrate into every facet of our lives, the vulnerabilities within mobile apps have become an enticing target for cyber threats. Hence, you must secure your mobile application and safeguard the sensitive data of users.

The introduction of your mobile app is not just an interface; it is a gateway to a wealth of personal information. From encryption techniques to robust authentication measures, understanding and implementing the latest security protocols is pivotal in establishing trust with users and warding off potential breaches. Mobile app development services work on offering highly secured apps by adding modern security tools for better use.

Top 10 Mobile App Security Best Practices

  1. Potent Encryption Technology

This fundamental practice of mobile app security involves transforming sensitive information into an unreadable format, rendering it indecipherable to anyone lacking the appropriate decryption key. Through algorithms such as AES (Advanced Encryption Standard), developers encode user credentials, financial transactions, and other critical data, safeguarding them from prying eyes.

By…

Source…

Bitcoin Ransomware Attackers Leak Venezuela Mobile Carrier Data


Tim Alper

Last updated:

| 1 min read

Bitcoin Ransomware Attackers Leak Venezuelan Mobile Carrier Data

Bitcoin ransomware attackers reportedly leaked “sensitive data” belonging to “millions” of Venezuelan mobile carrier Digitel customers onto the internet on February 12.

Per the X channel VE sin Filtro, the attackers hail from the MedusaBlog hacking group.

Bitcoin Ransomware Attackers ‘Demanded $5million Worth of Coins’


The group reportedly infiltrated Digital’s networks on February 2 and seized control of company data.

MedusaBlog representatives told the company that it had one week to pay a $5 million ransom in Bitcoin – around BTC 100 at the time of writing.

A graph showing Bitcoin prices versus the USD over the past five days.
Bitcoin prices versus the USD over the past five days. (Source: Google Finance)

According to MedusaBlog, the channel reported:

“[The hijacked data cache] includes a list of employees, identification documents, financial documents, reports, invoices, contracts, subscriber agreements, and [citizens’] personal data.”

The media outlet Criptonoticias quoted the Digital customer and IT journalist Fran Monroy Moret as calling the data leak a “disaster.” Monroy Moret said:

“There could be much more. [MedusaBlog] could have stolen information from more than five million Digitel users.”

The journalist said this could include “sensitive” customer data such as “IDs, fingerprints, photographs, names, and more.”

However, the expert said Digitel customers should remain “calm and wait for events to unfold.”

The same media outlet advised Digitel users to change passwords and “safeguard their emails and accounts on different platforms.”

Footage from a Digitel marketing video published in 2023.
Footage from a Digitel marketing video published in 2023….

Source…

Governor Otu Cries Over Hacking Of Mobile Line


Cross River State Governor Bassey Edet Otu has raised the alarm over the hacking of his telephone line by internet fraudsters.

Otu said the scammers were using his phone line to send text messages to unsuspecting members of the public to solicit for financial assistance.

Otu’s chief press secretary Mr Emmanuel Ogbeche raised the alarm in a statement he made available to LEADERSHIP in Calabar yesterday.

Ogbeche said, “The public is advised to disregard any such messages purportedly from the governor. One of the governor’s mobile numbers was breached by hi-tech criminals in the early hours of Sunday, February 11, 2024.

“The hackers have gone on to utilise the breached number to advance their nefarious activities to try to scam unsuspecting individuals. Please, do not fall for such devious attempts.

“The hacked number has been secured while relevant security agencies are working to apprehend those behind this obnoxious act,” he said.

Source…

CERT-In Issues High-Risk Security Alert On Certain Samsung Mobile Android Versions


SUMMARY

The affected software includes Samsung mobile Android versions 11, 12, 13 and 14

Multiple vulnerabilities have been reported in Samsung products which could allow an attacker to bypass implemented security restrictions, access sensitive information and execute arbitrary code on the targeted system: CERT-In

Samsung is one of the leading smartphone manufacturers in India, along with companies including Xiaomi, OPPO, OnePlus and Apple

The Computer Emergency Response Team (CERT-In), the Centre’s nodal agency dealing with cyber security, has issued a high-risk security alert for four versions of Samsung phones, saying that multiple vulnerabilities have been reported in the products with certain software.

The affected software includes Samsung mobile Android versions 11, 12, 13 and 14.

“Multiple vulnerabilities have been reported in Samsung products which could allow an attacker to bypass implemented security restrictions, access sensitive information and execute arbitrary code on the targeted system,” said CERT-In in its vulnerability note.

These vulnerabilities exist due to issues such as improper access control in Knox features, issues in the facial recognition software, improper authorisation verification vulnerability in AR emoji, improper input validation vulnerability in Smart Clip, and others, said the advisory. 

“Successful exploitation of these vulnerabilities may allow an attacker to trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR emoji, bypass Knox guard lock via changing system time, access arbitrary files, gain access to sensitive information, execute arbitrary code and compromise the targeted system,” it added.

These vulnerabilities are likely to affect a range of Samsung devices, including the Galaxy S23 series, Galaxy Flip 5, and Galaxy Fold 5. 

Meanwhile, Samsung is one of the leading smartphone manufacturers in India, along with companies including Xiaomi, OPPO, OnePlus and Apple. The company has also been bolstering its position as one of the top smartphone manufacturers in the country.

As per a Canalys report, Samsung maintained its top position with…

Source…