InfoSecBulletin Cybersecurity for mankind
ImmuniWeb has released Neuron Mobile, a security testing solution for mobile applications. It scans iOS and Android apps for OWASP Mobile Top 10 vulnerabilities and weaknesses. According to ImmuniWeb, Neuron Mobile is a fully automated solution that includes dynamic and static application security testing (DAST/SAST), along with software composition analysis (SCA) scanning capabilities. It guarantees a contractual zero false-positives SLA.
According to a press release, the vendor stated that Neuron Mobile harnesses the power of machine learning to detect advanced vulnerabilities that go beyond what traditional mobile security scanners can identify. The mobile application’s backend endpoints and APIs will undergo a comprehensive evaluation to ensure privacy, encryption, and compliance are upheld.
Hackers Earn $500,000 on First Day of Pwn2Own Ireland 2024
Fortinet + Crowdstrike team on protection from endpoint to firewall
Sophos to Acquire Secureworks in $859M
2nd time hacker breached Internet Archive
Vulnhuntr: A Tool for Finding Exploitable Vulnerabilities with LLMs
Critical Vulnerabilities in Bitdefender Total Security Expose Users to MITM
Microsoft’s Alarming Report: 600 Million Cyberattacks perday
CVE-2024-38814
VMware fixes high-severity SQL injection flaw in HCX
Over 90 Zero-Days, 40+ N-Days Exploited In The Wild
Oracle Security Update, 334 Vulnerabilities Patched
Mobile Neuron offers an annual subscription that includes access to ImmuniWeb’s security analysts and mobile security experts. This access provides support for mobile security testing, including vulnerability exploitation, remediation, and mobile app hardening.
Neuron Mobile is purportedly equipped with DevSecOps and CI/CD capabilities, boasting an extensive range of ready-to-use integrations that streamline the process of automating mobile security testing in software development cycles.
The ever-increasing prevalence of mobile security threats poses a significant risk to modern businesses. Smartphones and tablets, in particular, have become prime targets for cybercriminals seeking to exploit vulnerabilities and unleash devastating cyberattacks.
Half of organizations have had a security incident involving a phone or tablet, causing data loss, downtime, or other negative consequences, according to the Verizon 2022 Mobile Security Index. Mobile devices pose several security risks for organizations, including malware, social engineering, data leakage, and Wi-Fi interference. Additionally, the emergence of generative AI technology is expected to provide cybercriminals with new opportunities to attack mobile devices.
McAfee’s 2023 Consumer Mobile Threat Report reveals a major security risk for mobile devices: deceptive apps pretending to be genuine.
According to the report, cybercriminals have become more skilled in their tactics of infiltrating app stores. They employ encryption techniques to conceal malicious code from reviewers and strategically introduce delays to ensure that any harmful content remains hidden until after passing security tests. Some apps download additional malicious code after installation, while cybercriminals can infect legitimate apps by putting their code in third-party code libraries.
