Mobile Security: Why App Stores Don’t Keep Users Safe
3/24/2016In a preview of his Black Hat Asia Briefing next week, a security researcher offers more proof of trouble in the walled gardens of the Apple and Google App stores.
Post a Comment
Author
Profile of Avi Bashan
Senior Security Researcher, Check Point News & Commentary Posts: 1Avi Bashan is a technology leader at Check Point and former senior security researcher and CISO at Lacoon Mobile Security. With more than 10 years of experience in the mobile, networking, and security industries, Avi is one of the main figures in the research and engineering aspects of the company. Prior to Lacoon, Avi was a leading security consultant at Comsec, working with Fortune 500 firms on their vulnerability management processes. He spent four and a half years in the Israeli Defense Force. Avi holds a B.Med.Sc from the Hebrew University of Israel in Medical Studies.
Articles by Avi Bashan
In a preview of his Black Hat Asia Briefing next week, a security researcher offers more proof of trouble in the walled gardens of the Apple and Google App stores.
Post a Comment
White Papers
Video
3 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17906
PUBLISHED: 2018-11-19
PUBLISHED: 2018-11-19
PUBLISHED: 2018-11-19
PUBLISHED: 2018-11-19
PUBLISHED: 2018-11-19
From DHS/US-CERT's National Vulnerability Database CVE-2018-17906
PUBLISHED: 2018-11-19
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.
CVE-2018-9209PUBLISHED: 2018-11-19
Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2
CVE-2018-9207PUBLISHED: 2018-11-19
Arbitrary file upload in jQuery Upload File <= 4.0.2
CVE-2018-15759PUBLISHED: 2018-11-19
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perfo...
CVE-2018-15761PUBLISHED: 2018-11-19
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges...
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This