Rogueware has been reborn in the Android ecosystem, particularly on Google Play. This research paper reveals that hundreds of antivirus and optimization tool apps on Google Play mislead users into believing that they have a virus or performance problems on their devices to manipulate them to install other fake tools.

This report seeks to aid the reader in developing a better way to create apps and not compromise on security.

This is a threat advisory for Thomas Cook Ltd. Mobile Apps & Website

This report deals with mobile healthcare apps and their ability to be easily hacked.

This report focuses the vulnerability that they call “Eavesdropper.” The Eavesdropper vulnerability is due to the hardcoding of credentials in mobile apps that are using the Twilio Rest API as well as some using the Twilio SDK. This vulnerability exposes massive amounts of current and historic data, including sensitive call and messaging data.

This report discusses the malicious Bots in 2018 and how they can impact the eCommerce sector.

This report offers a guide to understanding the importance of email archiving.

This mobile security report provides insights into the events of 2017.

This guide gives specific recommendations to use during your development process. The descriptions of attacks and security recommendations in this report are not exhaustive or perfect, but you will get practical advice that you can use to make your apps more secure.

This is an overview of the Swearing Trojan infecting mobile banking.

This is a threat advisory for The Fork

From the report, “We present this report, gleaned from our database of mobile security intelligence, to help IT and security pros make informed decisions about managing and securing mobile devices, mobile apps, and their enterprises’ mobile ecosystem.”

Shap Security has a unique position to talk about credtial spills. This paper provides a breakdown of their experiences with the credential spill issues of 2017.

Focussing on Bad Bots, this report offers some updated insights into the current bad bot statistics and situations.

Arxan and iThreat Cyber Group (ICG) analyzed data collected by ICG over the past 3.5 years that looked at the distribution of pirated software and digital assets on the Dark Web (i.e., the portion of content on the World Wide Web that is not indexed by standard search engines) and indexed sites that are focused on distributing pirated releases.

From the report, “The Appthority Mobile Threat Team analyzed iOS apps in enterprise environments and found over 24,000 unique apps that access various types of user data, such as the calendar, bluetooth and photos, for advertising. These twenty-four thousand apps are just those that are up front with the user about requesting permission to access data for advertising purposes. Over 70% of enterprise environments contain these apps.”

This is Mary Meeker’s annual report on Internet Trends.

This report provides insights into the security issues surrounding Mobile Banking.

This report takes a good look at Open Banking, it defines what it is, and considers the security implications for using it.

In this whitepaper, they explain why enterprises need to take a mobile first approach to the security of employees and the data they access and share via apps on their mobile devices. They’ll show you why relying on network traffic analysis alone is insufficient to protect against mobile app threat risk, leaving blind spots that weaken your security posture in an increasingly mobile-centric world.

From the report, “In this report we provide a broad view of the 2015 threat landscape, ranging from industry-wide data to a focused look at different technologies, including open source, mobile, and the Internet of Things. The goal of this report is to provide security information leading to a better understanding of the threat landscape, and to provide resources that can aid in minimizing security risk.”