You are currently viewing News apps above average in leaking user data report finds
Representation image: This image is an artistic interpretation related to the article theme.

News apps above average in leaking user data report finds

The study found that 87% of these apps leaked sensitive information, including passwords, credit card numbers, and other personal data.

  • Hard-coded credentials: Many apps store sensitive information, such as passwords and credit card numbers, in plain text.

    Vulnerabilities in News Apps

    The vulnerabilities in news apps can have serious consequences for users.

    It’s a necessary evil, but it’s not a priority.

    The Challenges of Mobile App Development and Cybersecurity

    Mobile app development and cybersecurity are two critical aspects of the digital landscape that often receive inadequate attention from news publishers. The lack of investment in these areas can have severe consequences, including data breaches, financial losses, and damage to the organization’s reputation.

  • Improved reader engagement
  • Enhanced user experience
  • Increased revenue through targeted advertising
  • Better data analysis and insights

    • However, mobile app development requires significant investment in terms of time, money, and resources.

    Vulnerabilities in News Apps

    News apps, like any other software, are not immune to vulnerabilities. These vulnerabilities can be exploited by malicious actors to carry out various types of attacks. The most common types of attacks include:

  • Information theft: This involves stealing sensitive information from users, such as login credentials, personal data, or financial information.
  • News manipulation: This involves altering or manipulating news content to spread false information or propaganda.
  • Denial of service: This involves overwhelming the app with traffic to make it unavailable to legitimate users.
    Exploiting Vulnerabilities

    • Vulnerabilities in news apps can be exploited in various ways. For example, a malicious actor may use a vulnerability to gain unauthorized access to a user’s account, or to spread false information to a large audience. • SQL injection attacks: These involve injecting malicious SQL code into a database to extract or modify sensitive data. • Cross-site scripting (XSS) attacks: These involve injecting malicious code into a website or app to steal user data or take control of the user’s session.

    Protecting User Data in the Face of Denial of Service Attacks

    Understanding the Threat

    Denial of Service (DoS) attacks are a type of cyber attack that targets a website or application by overwhelming it with traffic, rendering it inaccessible to legitimate users. This type of attack can be launched using various methods, including botnets, which are networks of compromised computers or devices that can be controlled remotely to carry out malicious activities.

    55% of storage endpoints were vulnerable to SQL injection attacks. 23% of storage endpoints were vulnerable to cross-site scripting (XSS) attacks. 20% of storage endpoints had weak passwords. 12% of storage endpoints had default passwords. 11% of storage endpoint were vulnerable to file inclusion vulnerabilities. 1.1% of storage endpoints were vulnerable to remote file inclusion (RFI) attacks. 4.2% of storage endpoints had weak encryption. 3.8% of storage endpoints had weak SSL/TLS configurations.

    Further details on this topic will be provided shortly.

    Leave a Reply