Tag: Mobile Security

A New Vulnerability in the Android Framework: Fragment Injection

We have recently disclosed a new vulnerability to the Android Security Team. The vulnerability affected many apps, including Settings (the one that is found on every Android device), Gmail, Google Now, DropBox and Evernote. To be more accurate, any...

Mobile Apps: Which are More Secure Android or iOS?

This is a weekly post where we address questions of interest to the Application Information Security Community. Which Apps are More Secure Android or iOS? Are Mobile Application Reputation Services valuable to Enterprises?

IBM to Acquire Fiberlink: What It Means for Mobile Security

IBM has announced our intent to acquire Fiberlink. Fiberlink's MaaS360 enterprise mobility management (EAM) platform delivers leading mobile management and security capabilities from the cloud. Mobile management, when taken in combination with...

Are Passwords Dead? We Need a Better System Now

Passwords are failing us. Roughly 76% of all data breaches were enabled by weak credentialing and user authentication. It's time to discuss replacing them with something that does work.

Android 4.3 is Here! What Does it Mean for Security?

Let's take a few minutes to examine the changes Android 4.3 Jelly Bean introduces from a security perspective. While ultimately, the specific nature of the Android 4.3 Jelly Bean firmware image from the device manufacturer...

Four Steps to Data Security in the Cloud

Four basic steps to implementing data security in the Cloud. As technology enables new insights into business it becomes even more important to protect the data that is in the Cloud or in the IT infrastructure.

Understanding the Android "master key" vulnerability

Bluebox Labs last week announced a vulnerability in Android's code for cryptographic signature verification and app installation. They are planning to publicly disclose the details in their upcoming BlackHat US talk. Google has patched this...