What you should know about iOS malware XcodeGhost

Apple’s iOS App Store suffered its first major attack in the form of large-scale distribution of malware called XcodeGhost, which made its way into apps through tampered copies of Xcode, Apple’s development software. More than 300 apps in the App Store have been infected, with their copies distributed worldwide among millions of users. Apple is cleaning up its …

Threat Modeling for Mobile Applications: Part 1

Performing threat modeling for mobile applications early in the application design process allows for strong control over security vulnerabilities in the application. Building an application with no defects early in the process is much more cost-effective than addressing them once the application is in production. This is something that is being missed in the majority of the …

[Slide] Gaana Hacked: Understanding the SQL Injection Exploit

Gaana.com is a commercial music streaming service providing free and licensed music. Gaana.com was recently hacked by a Pakistani hacker by the name of MakMan. Accounts of over 10 million users of the Gaana service were hacked into and the information was made available to the public until Satyan Gajwani, the CEO of Gaana.com, requested the hacker …

[Slide] Truecaller Hacked: Understanding the Database Exploit

Truecaller, an online phone directory, was hacked by Syrian Electronic Army hackers, giving them access to nearly a billion phone numbers from its around 20 million users. Truecaller, in a statement, acknowledged the “cyberattack” but offered few details. It said that attackers retrieved tokens that, when paired with a secret passphrase, give third-party …

How vulnerabilities in Starbucks’ mobile app led to fraud?

Vulnerabilities in Starbucks’ mobile app paved the way for a new kind of fraud, putting users on the back foot about using mobile payments. How did it happen? How did vulnerabilities in Starbucks’ mobile app lead to fraud? Advances in technology are not only improving the performance of a user but …
