Guest Post – Mobile App Security Threats and Secure Best Practices Part 2

A guest post by KC Karnes

Mobile App Security Exploit Examples: Painful Real-life Lessons

The climate around mobile app security is heating up.

Mobile app vulnerabilities are exploited every day, resulting in expensive data breaches and loss of public trust.

In this section, we will try to learn from the failures of other companies and highlight how real the threats outlined above can be.

Timehop Fails To Trust Two-Factor Authentication

Starting in December of 2017, TimeHop was ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 1

A guest post by KC Karnes

Is your mobile app secure?

It shouldn’t come as a surprise that mobile apps are targeted by hackers, given the rapid adoption and increased usage globally. By some estimates, one out of every 36 mobile devices has high-risk apps installed.1

An even more sobering mobile app security statistic for businesses to hear: 71% of fraud transactions came from mobile apps and mobile browsers in the ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Social Warfare WordPress Plugin Zero-Day: Details and Attack Data

In our earlier post, we issued a warning to users of the Social Warfare plugin regarding a zero-day vulnerability affecting their sites. At this time, the plugin’s developers have issued a patch for the flaw. All users are urged to update to version 3.5.3 immediately.


Continue Reading →
0

Unhappy Valentines Day – Romance Fraud

This Valentine’s Day, be careful of who you let into your heart.  Unfortunately for every love-lorn single there is a fake Romeo or dating site scammer waiting to separate them from their money.  According to the FBI, the amount of money losses to victims of romance fraud makes it the second most lucrative cyber crime, generating $211 million for the perpetrators. Only business email ...

Continue Reading →
0

Too Legit – The DocuSign No Malware Phishing Exploit

You or your CFO receive an email offering business capital at attractive interest rates.  The company that sent you the offer has provided an application for the loan using the legitimate document presentation platform, DocuSign.  Everything looks legit, and it is.  No fake web pages or near-miss web addresses.  But this is the latest in “no malware” phishing scams.

Filling out the form will give ...

Continue Reading →
0

It’s Income Tax Fraud Season Again

Every year about this time, cyber-criminal groups start to ramp up for the annual income tax fraud season.  If you would prefer to receive your own tax refund, as opposed to letting some scam artist get it instead, the basic solution is to file your returns as early as possible.  Here are some things to be watching for.

  • W-2 reports phishing scam – This phishing scan usually targets company HR department personnel, ...
Continue Reading →
0

Top Cyber-Attack Vectors – Past, Present, and Future

Are you wondering what exploits represent the biggest threats in 2019?  It can be difficult and expensive to defend against everything.  If your company is budget-constrained, it may make more sense to defend against what is “likely” instead of everything that is “possible.”  Today we look at some of the biggest cyber-attack methods from the past, the present and the future.

Past

While these threats ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Glitter bomb engineer exacts revenge on parcel thieves

Everyone else has reported this Christmas gem, why shouldn’t we? NASA engineer Mark Rober “over-engineered the crap” out of it, including motion detection, geofencing, and 4 cameras to record some priceless reactions.  Here is the YouTube video.


Dark web goldmine busted by Europol

What’s the ...

Continue Reading →
0
Page 1 of 8 12345...»