Vulnerabilities in Mobile Apps Worry Security Pros
As technology continues its breakneck pace of change, the threats keep evolving. Vulnerabilities in mobile applications are being increasingly exploited, and the Angler exploit kit is picking up where Blacole left off. In addition, the increasingly aggressive posture of potentially unwanted programs (PUPs) means that those seemingly harmless apps may not be that harmless after all. Intel Security's latest "McAfee Labs Threats Report," which summarizes McAfee Labs' 2014 findings, suggests those are three trends that information security teams should keep their eyes on. But it's clear that McAfee considers the alarming lack of patches issued for vulnerabilities in even the most popular mobile apps—some of which boast hundreds of millions of users—as the top concern. There's a lot at stake here, including the social contract that causes users to trust mobile apps. "Mobile app developers must take greater responsibility for ensuring that their applications follow the secure programming practices and vulnerability responses developed over the past decade," said Vincent Weafer, senior vice president of McAfee Labs. By doing so, he said, apps developers can "provide the level of protection required for us to trust our digital lives with them."