This report focuses on the Appthority Mobile Threat Team’s latest discovery, a new variant of the HospitalGown vulnerability which occurs when app developers fail to require authentication to a Google Firebase cloud database.

Appthority analyzed the security risks of the Uber app and its integration with other apps in this quarter’s enterprise mobile threat update. What they found may surprise you.

Beginning with the Strava cyber incident, this paper seeks to provide insight into how personal device data can cause a crisis with company data.

This paper discusses the new threat vector that has been created by bringing an enterprise into the mobile age.

The Appthority Enterprise Mobile Security Pulse Report is based on millions of mobile security scans Appthority performs each quarter for its enterprise customers. The report includes app, device and network data as well as their proprietary Mobile Threat Risk Score which measures the highest risk from thousands of data points during our deep app analysis.

This report is based on millions of mobile security scans Appthority performs each quarter for its enterprise customers. The report includes app, device and network data as well as their proprietary Mobile Threat Risk Score which measures the highest risk from thousands of data points during application analysis.

This report focuses the vulnerability that they call “Eavesdropper.” The Eavesdropper vulnerability is due to the hardcoding of credentials in mobile apps that are using the Twilio Rest API as well as some using the Twilio SDK. This vulnerability exposes massive amounts of current and historic data, including sensitive call and messaging data.

From the report, “The Appthority Mobile Threat Team analyzed iOS apps in enterprise environments and found over 24,000 unique apps that access various types of user data, such as the calendar, bluetooth and photos, for advertising. These twenty-four thousand apps are just those that are up front with the user about requesting permission to access data for advertising purposes. Over 70% of enterprise environments contain these apps.”

In this whitepaper, they explain why enterprises need to take a mobile first approach to the security of employees and the data they access and share via apps on their mobile devices. They’ll show you why relying on network traffic analysis alone is insufficient to protect against mobile app threat risk, leaving blind spots that weaken your security posture in an increasingly mobile-centric world.

This paper seeks to aid organizations with analyzing mobile use and GDPR Compliance.