Researchers find hundreds of easily-breached messaging apps

Today, Appthority, the global leader in enterprise mobile threat protection, published research on its recent discovery of the Eavesdropper vulnerability, which has resulted in a large-scale data exposure.

Eavesdropper is caused by developers carelessly hard coding their credentials in mobile applications that use the Twilio Rest API or SDK, despite best practices the company clearly outlines in its documentation. Twilio has reached out to all developers with affected apps and is actively working to secure their accounts.

Appthority security researchers have identified this as a real and ongoing threat affecting nearly 700 apps in enterprise mobile environments, over 170 of which are live in the official app stores today. Affected Android apps alone have been downloaded up to 180 million times.

Examples of apps with the Eavesdropper vulnerability include an app for secure communication for a federal law enforcement agency, an app that enables enterprise sales teams to record audio and annotate discussions in real-time, and branded and white label navigation apps for customers such as AT&T and US Cellular.

Read more -here-

• Microsoft is laying off as many as 9,000 employees
• NASA will start livestreaming content on Netflix later this summer
• The government's Apple antitrust lawsuit is still on
• Millions of printers open to hacks due to unpatchable security flaw
• Microsoft to retire the Blue Screen of Death for a Black Void
• Google rolls out Street View time travel to celebrate 20 years of Google Earth