The Broadband Guide
SG
search advanced

Researchers find hundreds of easily-breached messaging apps

2017-11-09 14:14 by

 

Today, Appthority, the global leader in enterprise mobile threat protection, published research on its recent discovery of the Eavesdropper vulnerability, which has resulted in a large-scale data exposure.

Eavesdropper is caused by developers carelessly hard coding their credentials in mobile applications that use the Twilio Rest API or SDK, despite best practices the company clearly outlines in its documentation. Twilio has reached out to all developers with affected apps and is actively working to secure their accounts.

Appthority security researchers have identified this as a real and ongoing threat affecting nearly 700 apps in enterprise mobile environments, over 170 of which are live in the official app stores today. Affected Android apps alone have been downloaded up to 180 million times.

Examples of apps with the Eavesdropper vulnerability include an app for secure communication for a federal law enforcement agency, an app that enables enterprise sales teams to record audio and annotate discussions in real-time, and branded and white label navigation apps for customers such as AT&T and US Cellular.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About