Application Security This Week for March 1

From @baskarmib on Twitter, we have an example of malware that will steal your Google authenticator codes.

https://www.zdnet.com/google-amp/article/android-malware-can-steal-google-authenticator-2fa-codes/?__twitter_impression=true

 

OK, I know we have a love hate relationship with ISC2, but they put opuur a cloud security paper, and it is really good.

https://blog.isc2.org/isc2_blog/2020/02/white-paper-on-cloud-security-risks-and-how-to-mitigate-them.html

 

Google is now explicitly suggesting that developers encrypt data used by their applications, on the device.

https://thehackernews.com/2020/02/android-app-data-encryption.html?m=1

 

Lots of Google today.  Their security team has a good whitepaper on malicious document detection.

https://security.googleblog.com/2020/02/improving-malicious-document-detection.html

 

Finally, if you aren't getting Violet Blue's weekly security roundup, you are missing out.  Lots of good stuff.

https://www.patreon.com/posts/cybersecurity-25-34318466

 

That's the news, folks.  Stay safe.

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList