You are here: Blog Josh Coppage WARNING: A New Zero-Day Threat is On the Loose

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Basic Errors Have Made Hundreds of Applications a Risk to Data

Voyage Technology Blog Security
0 Comments
Basic Errors Have Made Hundreds of Applications a Risk to Data

Earlier this year, it became known that almost 2,000 mobile applications suffered from some type of security threat, thus putting a lot of sensitive data on the line. Let’s examine how you can ensure that your business doesn’t suffer from mobile app security issues.

Access Permissions Are the Major Culprit

Apps are not fully hosted on your device the way a desktop application might be on your computer. Rather, they are hosted in the cloud, and the app itself is more of a hard-coded shortcut that allows you access to the data or service provided by the application.

At least, that’s just how it should work in theory. According to Broadcom’s Symantec Threat Hunter, this type of single-purpose login process allows hackers to access all of the files that a cloud service contains, including company data, backups of databases, and system controls.

The scariest part is that multiple apps use the same publicly available software development kits, or SDKs, and many apps are built by the same company, allowing these login credentials to be used for multiple different types of applications and services found on the same infrastructure.

So, if a hacker were to gain access to one of the access tokens used by a company, they could potentially gain access to all of the applications which that access token provides access to.

Research conducted on Android and iOS platforms found around 2,000 applications that had their credentials hard-coded to Amazon Web Services (around three-quarters of those granting access to private cloud providers, and half of those granting access to private files), half of which also contained access tokens for unrelated applications.

What Can You Do to Protect Your Business?

Naturally, you don’t want someone to be able to access your company’s private data or the data you’ve collected from clients, employees, or other interested parties. Naturally, you should have some level of control over who within your organization can access what data.

Let’s look at it this way; the human resources department at your business might need access to employee information, but nobody else should be able to access that data. The same can be said for other data, too, according to the employee’s role within the company. The fewer people who have access to data, the less likely you are to expose said data to a security breach.

So, long story short, to keep your data safe from these types of mobile application exploits, control who can and cannot access specific data.

To learn more about how you can protect your business, call Voyage Technology at 800.618.9844.

Tweet
Tags:
Data Current Events Mobile Device
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 20 September 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Business Computing Data Business Productivity Software Innovation Hackers Cloud Network Security User Tips Hardware Efficiency Internet Malware IT Support Privacy Google Computer Phishing Email Workplace Tips IT Services Collaboration Hosted Solutions Users Ransomware Workplace Strategy Mobile Device Microsoft Quick Tips Small Business Passwords Backup Saving Money Cybersecurity Communication Data Backup Smartphone Managed Service Android Productivity Upgrade VoIP Business Management Smartphones Mobile Devices communications Disaster Recovery Data Recovery Social Media Windows Browser Microsoft Office Managed IT Services AI Current Events Network Remote Tech Term Internet of Things Automation Artificial Intelligence Facebook Holiday Miscellaneous Gadgets Cloud Computing Information Covid-19 Remote Work Training Server Managed Service Provider Outsourced IT Employee/Employer Relationship Compliance Encryption Spam Office Windows 10 IT Support Business Continuity Data Management Government Business Technology Bandwidth Windows 10 Virtualization Blockchain Wi-Fi Two-factor Authentication Mobile Office Data Security Apps Vendor Tip of the week Chrome Mobile Device Management Managed Services Budget Voice over Internet Protocol Gmail Apple Networking App Employer-Employee Relationship BYOD Applications Information Technology Hacker Access Control Avoiding Downtime Office 365 Marketing Conferencing How To WiFi BDR HIPAA Computing Virtual Private Network Risk Management Computers 2FA Health Help Desk Office Tips Analytics Website Augmented Reality Retail Storage Password Healthcare Bring Your Own Device Managed IT Services Big Data Operating System Router Customer Service Display Windows 11 Printer Paperless Office Infrastructure Monitoring Excel Document Management Remote Workers Firewall Telephone Scam Data loss Cooperation Free Resource The Internet of Things Project Management Windows 7 Going Green Patch Management Social Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Vendor Management Solutions Cybercrime Physical Security Cryptocurrency User Tip Modem Hacking Computer Repair Mobile Security Processor Presentation Virtual Desktop Holidays Supply Chain Data storage LiFi Wireless Technology Data Storage Smart Technology Outlook Video Conferencing Machine Learning Managed Services Provider Money Saving Time Virtual Machines Professional Services Word Humor Managed IT Service Maintenance Antivirus Sports Downloads Mouse iPhone Licensing Safety Data Privacy Entertainment Administration Vulnerabilities Images 101 Telephone System Multi-Factor Authentication Robot Mobility Cost Management Settings Printing Wireless Content Filtering IT Management Customer Relationship Management VPN Employees YouTube Meetings Integration Username Managing Costs Outsource IT Point of Sale eCommerce Environment 5G Black Friday SSID Media Experience Virtual Assistant Google Docs Unified Communications Database Surveillance Bitcoin Network Management Running Cable Tech Support IT Technicians Virtual Machine User Small Businesses Google Wallet Proxy Server Reviews Cookies Displays Monitors Cyber Monday Medical IT Hotspot Transportation Tactics Development Windows 8 IP Address Laptop Websites Mirgation Hypervisor Outsourcing Drones Shopping Nanotechnology Optimization PowerPoint Electronic Medical Records Language Employer/Employee Relationships Workplace SharePoint Addiction Management PCI DSS Halloween Chatbots Recovery Hiring/Firing Navigation Paperless Lenovo Gig Economy Screen Reader Hard Drives Writing Distributed Denial of Service Virtual Reality Computing Infrastructure Teamwork Co-managed IT Service Level Agreement Internet Service Provider Domains Hacks Server Management Regulations Compliance Scary Stories Private Cloud Identity Technology Care Evernote Business Communications Superfish Bookmark Identity Theft Smart Tech Memes Refrigeration Fun Twitter Alerts SQL Server Scams Deep Learning Download Net Neutrality Public Speaking Financial Data Lithium-ion battery Error History Hybrid Work Human Resources Browsers Smartwatch Education Connectivity IT Social Engineering Break Fix Entrepreneur Remote Computing Azure Cables Upload Procurement Mobile Computing Social Network Telework Cyber security Multi-Factor Security Tech Google Apps CES Tablet IoT Communitications Undo Search Dark Web Alert IT Maintenance Best Practice Trends Supply Chain Management Managed IT Customer Resource management FinTech Buisness File Sharing Regulations Business Intelligence Dark Data Google Calendar Term Shortcuts Legal Data Analysis IT solutions Star Wars IT Assessment How To Microsoft Excel Notifications Staff Value Ransmoware Business Growth Gamification Flexibility Organization Travel Social Networking Application Vendors Legislation Be Proactive Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Cortana IBM Wearable Technology Memory Workforce Alt Codes Content Remote Working Health IT Downtime Unified Threat Management Motherboard Data Breach Threats Comparison Google Play Workplace Strategies Unified Threat Management Directions Videos Hosted Solution Assessment Electronic Health Records Permissions Typing Wasting Time Meta Trend Micro Amazon Network Congestion Specifications Security Cameras Knowledge Fraud Google Drive User Error Microchip Internet Exlporer Software as a Service Competition

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015