1. https://appdevelopermagazine.com/security
  2. https://appdevelopermagazine.com/new-security-report-reveals-increased-threat-for-mobile-applications-/
2/21/2016 8:06:11 AM
New Security Report Reveals Increased Threat for Mobile Applications
Secure Apps,Vulnerabilities,Hewlett Packard,Malware
/HPE-Security-Report-App-Developer-Magazine_oldrlfov.jpg
App Developer Magazine

Security

New Security Report Reveals Increased Threat for Mobile Applications


Sunday, February 21, 2016

Stuart Parkerson Stuart Parkerson


According to a new cyber security report, mobile applications increasingly have become top security threats plaguing enterprises over the past year. The details are outlined in the recently published Hewlett Packard Enterprise (HPE) Cyber Risk Report 2016.

As the company points out in the report, traditional network perimeters are disappearing allowing attack surfaces to grow, providing increasing challenges for IT security professionals in efforts to protect users, applications and data.

The Cyber Risk Report examined the 2015 threat landscape providing intelligence around areas of risk including application vulnerabilities, security patching and the growing monetization of malware. The report also highlights important industry issues such as new security research regulations, the "collateral damage" from high profile data breaches, shifting political agendas, and the ongoing debate over privacy and security.

According to the report, while web applications pose significant risk to enterprises, mobile applications present a rapidly growing and distinctive risk. Mobile applications' frequent use of personally identifiable information presents significant vulnerabilities in the storage and transmission of private and sensitive information as seen by: 

- Approximately 75 percent of the mobile applications scanned exhibited at least one critical or high-severity security vulnerability, compared to 35 percent of non-mobile applications.

- Vulnerabilities due to API abuse are much more common in mobile applications than web applications, while error handling -- the anticipation, detection, and resolution of errors -- is more often found in web applications.

Software vulnerability exploitation continues to be a primary vector for attack, with mobile exploits gaining traction:


- Similar to 2014, the top ten vulnerabilities exploited in 2015 were more than one year old, with 68 percent being three years old or more.

- In 2015, Microsoft Windows represented the most targeted software platform, with 42 percent of the top 20 discovered exploits directed at Microsoft platforms and applications.

- 29 percent of all successful exploits in 2015 continued to use a 2010 Stuxnet infection vector that has been patched twice.

Malware has evolved from being simply disruptive to a revenue-generating activity for attackers. While the report shows the overall number of newly discovered malware samples declined 3.6 percent year-over-year, the attack targets shifted in line with evolving enterprise trends and focused heavily on monetization. Trends show that as the number of connected mobile devices expands, malware is diversifying to target the most popular mobile operating platforms: 

- The number of Android threats, malware, and potentially unwanted applications have grown to more than 10,000 new threats discovered daily, reaching a total year-over-year increase of 153 percent. 

- Apple iOS represented the greatest growth rate, with a malware sample increase of more than 230 percent.

- Malware attacks on ATMs use hardware, software loaded onto the ATM, or a combination of both to steal credit card information. In some cases, attacks at the software level bypass card authentication to directly dispense cash.

- Banking Trojans, such as variants of the Zbot Trojan, continue to be problematic despite protection efforts. More than 100,000 of these were detected in 2015.

- Ransomware is an increasingly successful attack model, with several ransomware families wreaking havoc in 2015 by encrypting files of consumer and corporate users alike. Examples include: Cryptolocker, Cryptowall, CoinVault, BitCryptor, TorrentLocker, TeslaCrypt, and others.

New Security Report Reveals Increased Threat for Mobile Applications




Read more: http://www8.hp.com/us/en/software-solutions/cyber-...




Subscribe to App Developer Magazine

Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.

MEMBERS GET ACCESS TO

  • - Exclusive content from leaders in the industry
  • - Q&A articles from industry leaders
  • - Tips and tricks from the most successful developers weekly
  • - Monthly issues, including all 90+ back-issues since 2012
  • - Event discounts and early-bird signups
  • - Gain insight from top achievers in the app store
  • - Learn what tools to use, what SDK's to use, and more

    Subscribe here



Stay Updated

Sign up for our newsletter for the headlines delivered to you

SuccessFull SignUp

Featured Stories


AI Executive Order aims to balance security and innovation
AI Executive Order aims to balance security and innovation Monday, June 29, 2026


Top manufacturing trends for 2026
Top manufacturing trends for 2026 Tuesday, June 23, 2026


API scoring tool shows if your API is ready for AI
API scoring tool shows if your API is ready for AI Monday, June 22, 2026




Agentic AI Reality Check: The Million-Dollar Mistake Hiding Inside ERP
Agentic AI Reality Check: The Million-Dollar Mistake Hiding Inside ERP Friday, June 19, 2026


Influencer Debate AI Anthropic IPO Reveals Industry Concerns
Influencer Debate AI Anthropic IPO Reveals Industry Concerns Wednesday, June 17, 2026


Subscription apps are losing users faster than ever
Subscription apps are losing users faster than ever Tuesday, June 16, 2026


DomainTools announces real time threat feeds
DomainTools announces real time threat feeds Monday, June 15, 2026


Take It Down Act results in warning letters from FTC
Take It Down Act results in warning letters from FTC Friday, June 12, 2026


Nvidia valuation fears grow
Nvidia valuation fears grow Friday, June 12, 2026


Anthropic launches Claude Design
Anthropic launches Claude Design Wednesday, June 10, 2026


Get More App News