InfoSecBulletin Cybersecurity for mankind
ImmuniWeb has released Neuron Mobile, a security testing solution for mobile applications. It scans iOS and Android apps for OWASP Mobile Top 10 vulnerabilities and weaknesses. According to ImmuniWeb, Neuron Mobile is a fully automated solution that includes dynamic and static application security testing (DAST/SAST), along with software composition analysis (SCA) scanning capabilities. It guarantees a contractual zero false-positives SLA.
According to a press release, the vendor stated that Neuron Mobile harnesses the power of machine learning to detect advanced vulnerabilities that go beyond what traditional mobile security scanners can identify. The mobile application’s backend endpoints and APIs will undergo a comprehensive evaluation to ensure privacy, encryption, and compliance are upheld.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
Mobile Neuron offers an annual subscription that includes access to ImmuniWeb’s security analysts and mobile security experts. This access provides support for mobile security testing, including vulnerability exploitation, remediation, and mobile app hardening.
Neuron Mobile is purportedly equipped with DevSecOps and CI/CD capabilities, boasting an extensive range of ready-to-use integrations that streamline the process of automating mobile security testing in software development cycles.
The ever-increasing prevalence of mobile security threats poses a significant risk to modern businesses. Smartphones and tablets, in particular, have become prime targets for cybercriminals seeking to exploit vulnerabilities and unleash devastating cyberattacks.
Half of organizations have had a security incident involving a phone or tablet, causing data loss, downtime, or other negative consequences, according to the Verizon 2022 Mobile Security Index. Mobile devices pose several security risks for organizations, including malware, social engineering, data leakage, and Wi-Fi interference. Additionally, the emergence of generative AI technology is expected to provide cybercriminals with new opportunities to attack mobile devices.
McAfee’s 2023 Consumer Mobile Threat Report reveals a major security risk for mobile devices: deceptive apps pretending to be genuine.
According to the report, cybercriminals have become more skilled in their tactics of infiltrating app stores. They employ encryption techniques to conceal malicious code from reviewers and strategically introduce delays to ensure that any harmful content remains hidden until after passing security tests. Some apps download additional malicious code after installation, while cybercriminals can infect legitimate apps by putting their code in third-party code libraries.
