CyberCENTS cybersecurity training programs are designed by Metova. For their full article, click here. Also, a quick overview of the top mobile threats facing security professionals right now.
1. Clone Wars
Are you using Instagram on your smartphone? Pokemon Go Counter Strike? Breadwallet? Malicious app cloning has affected all of these apps. Hackers create similar apps to trick users into downloading them. Users give the app permission to access their device blindly as if it were an original app. It is then easy for the app to access the device as if it were the original app.
2. Android “Instant App” Vulnerabilities
The idea of instant apps was presented at Google I/O 2016. Instead of having to wait to download an entire app to use a piece, you can only run that part. There is a new opportunity to add malicious code and backdoors to the applications as they will need to be modularized. The Play Store already has many applications, so the approval process for updates may not be as strict. This could allow malicious additions to slip by unnoticed.
3. Mobile Ransomware
Mobile ransomware was on our top 10 mobile security threats list last year. It is still a major vulnerability. People live their lives via their smartphones. They are used for everything, from shopping to social interaction to working. Ransomware assumes that your device holds large amounts of information, information you would be willing to pay large sums of cash to get back if it was not available.
4. SMS-based attacks
Two-factor authentication via SMS was recommended for safer logins up until recently. To complete authentication, the user must first enter a username and password. Then, they will receive a text code. It is unlikely that the username, password and physical device of a person could be compromised simultaneously. Hackers can now access an SMS via redirection or interception without having to use the actual device. NIST (the National Institute of Standards and Technology), is looking into removing out-of band authentication using SMS from their guidelines.
5. Improper Platform Usage
Security features and best practices are built into operating systems. iOS includes a keychain feature that allows applications to store passwords and other secure data. Others might be more focused on communication, permissions or payments. These features are designed to protect against a variety vulnerabilities. These features can be overlooked, misunderstood or blatantly ignored and can make an application vulnerable. To ensure that your application is able to take advantage of these features, it is important to hire a skilled developer who is familiarized with the platform.
Click here to see the complete article, which includes the rest the top 10 lists and tips to protect yourself against these cyber threats.
Are you looking to validate your cyber security skills