Tag: Android

A New Vulnerability in the Android Framework: Fragment Injection

We have recently disclosed a new vulnerability to the Android Security Team. The vulnerability affected many apps, including Settings (the one that is found on every Android device), Gmail, Google Now, DropBox and Evernote. To be more accurate, any...

Mobile Apps: Which are More Secure Android or iOS?

This is a weekly post where we address questions of interest to the Application Information Security Community. Which Apps are More Secure Android or iOS? Are Mobile Application Reputation Services valuable to Enterprises?

Android 4.3 is Here! What Does it Mean for Security?

Let's take a few minutes to examine the changes Android 4.3 Jelly Bean introduces from a security perspective. While ultimately, the specific nature of the Android 4.3 Jelly Bean firmware image from the device manufacturer...

Understanding the Android "master key" vulnerability

Bluebox Labs last week announced a vulnerability in Android's code for cryptographic signature verification and app installation. They are planning to publicly disclose the details in their upcoming BlackHat US talk. Google has patched this...

Practical mobile app security scanning tips

Looking to do dynamic security testing of your mobile apps? Look no further! In this hands-on article, learn how to use IBM Security AppScan Standard with mobile user agents, as well as emulators and actual devices for Android and iOS. Continue...