masterwordsmith-unplugged

Here's an excerpt from  Popular Android Apps Leaking Private Password, Credit Card Data that was featured in Mashable earlier today:


Here’s some bad news for Android users: Researchers have uncovered 41 Android apps in the Google Play store that are leaking sensitive data, ranging from credit card information and email content to social networking site passwords, new research suggests.

Researchers at Leibniz University of Hannover and Philipps University of Marburg in Germany have released findings that indicate various Android apps currently available for download are subject to major encryption issues. (Note: The study was only conducted among Android apps, but app security issues are likely to pop up on other platforms, as well).

The team used a Samsung Galaxy Nexus smartphone operating on Android 4.0 Ice Cream Sandwich to conduct testing and began the study by downloading 13,500 free apps. About 1,074 apps — or 8% of the sample — contained code that was potentially vulnerable to man-in-the-middle (MITM) attacks, which allows a cybercriminal to intercept a message or data that is assumed to be private and secure.

The team did a manual audit of 100 of those apps and was able to successfully launch attacks against 41.

CLICK HERE for the rest of the entry.

CLICK HERE for the research report by researchers at Leibniz University of Hannover and Philipps University of Marburg in Germany.