Mumbai: As apps become an integral part of our everyday lives, they also become the easy targets for hackers too.
A TrendMicro report says that in the second quarter, vulnerabilities in web apps were just as dangerous as those in software with very large user base.
Not only apps, but mobile devices weren’t spared from the same types of bugs as those seen for web apps and software.
According to the report, vulnerabilities were seen in over 600 million Samsung mobile devices. The Samsung swiftkey vulnerability could allow would-be attackers to run malicious code via man-in-the-middle attacks on vulnerable devices.
Vulnerability was seen in the Apache Cordova app framework, which was uncovered recently and allowed attackers to modify apps with just a click on a wrong URL.
This attack affected a majority of Cordova-based apps, which accounted for more than 5% of all Google Play apps and led to the birth of memory corruption bug CVE, which has the potential to crash apps on affected devices.
The report also said that iOS device users were also in a fix after huge holes were found in the application sandboxes that could allow potential attackers to create apps that steal keychain and password content.
According to Pawan Kinger, Director, Deep Security Labs, “Attackers leverage vulnerabilities and weaknesses in all platforms. They just need a way to get in. Enterprises must be very watchful of vulnerabilities in the core software and plug-ins that they use. We should not forget that vulnerabilities in custom application (mainly web apps) are also very high in number and a lot of them don’t make it to the CVE list.”