(Total Views: 350)
Posted On: 11/11/2017 7:49:41 PM
Post# of 82676
Interesting...from a Newsletter...On Thursday, the cybersecurity company Appthority broadcasted a warning: A simple coding error — one that’s in at least 685 smartphone apps — that put about 180 million users at risk of being hacked.
Their private calls and text messages were vulnerable.
So what exactly happened?
It seems developers accidentally coded credentials for accessing services provided by Twilio, a cloud communication platform that serves 40,000 businesses globally.
Cybercriminals could easily access those credentials by reviewing the code in the apps — and steal any data sent over those services. To be clear, this only affected calls and texts made inside apps that use Twilio’s messaging services.
Possible victims include users of the AT&T Navigator App — which comes with most Android phones. More than a dozen GPS navigation apps provided by Telenav are also at risk.
These apps have been installed a whopping 180 million times on Androids. (We don’t have the number for iPhones.)
And the more I read about this coding mistake, the more troubling it seems.
Business apps for recording calls, like Wrappup and RingDNA, were at risk.
Appthority also found credentials have been coded for about 902 developer accounts that use Amazon Web Services. Those credentials could access app user data stored within Amazon.
Their private calls and text messages were vulnerable.
So what exactly happened?
It seems developers accidentally coded credentials for accessing services provided by Twilio, a cloud communication platform that serves 40,000 businesses globally.
Cybercriminals could easily access those credentials by reviewing the code in the apps — and steal any data sent over those services. To be clear, this only affected calls and texts made inside apps that use Twilio’s messaging services.
Possible victims include users of the AT&T Navigator App — which comes with most Android phones. More than a dozen GPS navigation apps provided by Telenav are also at risk.
These apps have been installed a whopping 180 million times on Androids. (We don’t have the number for iPhones.)
And the more I read about this coding mistake, the more troubling it seems.
Business apps for recording calls, like Wrappup and RingDNA, were at risk.
Appthority also found credentials have been coded for about 902 developer accounts that use Amazon Web Services. Those credentials could access app user data stored within Amazon.
(0)
(0)
Scroll down for more posts ▼