The time has come for Google to add some more hoops for Android app developers to jumpt through in order to get their offering accepted to the Google Play store.
Your browser may no longer be vulnerable to FREAK attacks, but what about the mobile apps you use? According to FireEye researchers, who have tested the most popular apps both for Android and for iOS, a considerable number of them are left open to a FREAK attack, as they contain vulnerable versions of the OpenSSL and SecureTransport libraries.
Researchers from IBM's security team have discovered an authentication flaw in the Dropbox Software Development Kit (SDK) for Android that can be exploited to capture new data a user saves to his Dropbox account.
Google has become pretty swift at finding and removing fake and malicious apps from its Google Play store, but there is one part of it where malware peddlers still seem to thrive: the "bookstore." According to Ryan Whitwam, there are a number of publisher accounts in Google Play that have specialized in offering fake "guides" that will supposedly show users how to download a cracked and cheaper version of popular games for Android.
A flaw in OpenSSL and Apple's Secure Transport implementation of SSL and TLS protocols is putting millions of Android and Apple device users as well as visitors of secured sites in danger of having their encrypted connections decrypted, and the information exchanged with the servers behind them intercepted.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.