Android Cyber Vulnerability: Commentary From Expert

A new vulnerability, called Strandhogg, has been found to give cyber attackers the ability to create fake login screens that can be inserted into legitimate apps to steal login details and harvest data.

Experts Comments

December 03, 2019
Shlomie Liberow
Technical Program Manager
HackerOne
A fair bit of skepticism should be applied when downloading any application to your phone, but unfortunately there may be some apps that slip through and give a false sense of authenticity. When installing applications, it is important to note the permissions it is requesting. As an example, an alarm clock app requesting access to your photos or location is a huge red flag – think about what the application actually needs access to. In addition, often malicious apps can give away tell-tale.....Read More
A fair bit of skepticism should be applied when downloading any application to your phone, but unfortunately there may be some apps that slip through and give a false sense of authenticity. When installing applications, it is important to note the permissions it is requesting. As an example, an alarm clock app requesting access to your photos or location is a huge red flag – think about what the application actually needs access to. In addition, often malicious apps can give away tell-tale signed such as a drained battery. These apps are likely to operate in the background and are constantly running in order to steal data and access files. Mobile operating systems have come a long way in terms of safety in recent years but good old fashioned vigilance and wariness will do a lot to avoid any bad actors that are taking advantage of vulnerabilities.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.