Insecure Data Storage in Mobile Applications Poses Security Issues -- Security Today

Insecure Data Storage in Mobile Applications Poses Security Issues

Users’ data might be more at risk than they realize. A new study shows that three quarters of mobile application have insecure data storage issues, putting passwords, financial information, personal data, and correspondence at risk.

By Kaitlyn DeHaven
Jun 24, 2019

Three quarters of mobile applications have vulnerabilities that could allow hackers to steal sensitive information from both Android and Apple users.

Researchers discovered and listed these insecure data storage problems in their report Vulnerabilities and Threats in Mobile Applications 2019.

According to the report, the most common issue in mobile applications is insecure data storage. 76 percent of mobile applications had insecure data storage, putting passwords, financial information, personal data, and correspondence at risk.

In addition, high-risk vulnerabilities were found in 38 percent of mobile applications for iOS and in 43 percent of Android applications.

Users may not believe they are at risk unless their phone is physically stolen, but in reality, 89 percent of vulnerabilities can be exploited using malware, with no physical access needed.

The vulnerabilities have been classified as medium risk by researchers, but 29 percent of tested applications have been found to contain what has been classed as a high risk – insure interprocess communication.

Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies, told ZDNet that since developers pay less attention to data insecurity, users must take steps to secure their own data.

“Developers pay painstaking attention to software design in order to give us a smooth and convenient experience and people gladly install mobile apps and provide personal information. However, an alarming number of apps are critically insecure, and far less developer attention is spent on solving that issue,” Galloway said. “We recommend that users take a close look when applications request access to phone functions or data. If you doubt that an application needs access to perform its job correctly, decline the request.”

About the Author

Kaitlyn DeHaven is the Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

Report: Advanced Phishing Attacks Grew By 356 Percent in 2022

A report recently published by Perception Point, a provider of advanced threat prevention across digital channels, has identified a 356% growth in the amount of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of attacks increased by 87%, highlighting the growing threat that cyber-attacks now pose to organizations. Read Now
- Cybersecurity
DHS Announces First Department-Wide Policy on Body-Worn Cameras

As required by President Biden’s Executive Order on Advancing Effective, Accountable Policing and Criminal Justice Practices to Enhance Public Trust and Public Safety, Secretary of Homeland Security Alejandro N. Mayorkas recently announced the first Department-wide policy on Body-Worn Cameras (BWCs) for its law enforcement officers and agents. Read Now
- Government
Federal Agencies Reported More Than 30,000 Cyber Incidents In FY22

In the fiscal year 2022, Federal agencies saw fewer cyber incidents overall, which decreased by around 6%. Read Now
- Cybersecurity
- Government
The Need for a Comprehensive Strategy Addressing Cybersecurity and Quantum Technology

Over the past two years, the Biden Administration has taken a series of steps centered on quantum and cybersecurity. Read Now
- Cybersecurity

Webinars

Seneca,Nvidia

Simple Selling with Seneca Vision AI Validated Solutions
Hanwha Vision (formerly Hanwha Techwin)

New Ways to Train an Effective Security Team
Hanwha Vision (formerly Hanwha Techwin)

Seeing Beyond Your Perimeter

Whitepapers

Vicon Industries

Superior Security Begins with a Single Pane of Glass
Hytera

Push-to-Talk Over Cellular (PoC) for Security Professionals
Winsted Corporation

Top Considerations When Designing an Ergonomic Control Room

New Products

Camden Door Controls ‘SER” Surface Boxes and Extension Rings

Camden Door Controls has introduced new ‘SER” surface boxes and extension rings that provide a complete solution for new construction. In addition, they provide a simple and robust solution when replacing round wired and manual push plate switches with either Camden’s wired or wireless SureWave™ no-touch switches or Kinetic™ no-battery wireless switches. 3
QCS7230 System-on-Chip (SoC)

The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3
LiftMaster Garage Door Opener

LiftMaster Transforms the Garage Door Opener Into a Sleek Smart Home Device That Does More Than Open and Close the Garage Door 3

Insecure Data Storage in Mobile Applications Poses Security Issues

Former TSA Executive Joins K2 Security Screening Group

New i-PRO FlexPay Financing Offers a Path to Security System Ownership, Reduces Future Debt

At Brinks Home™ Our Security Systems Work So You Don’t Have To