Connect with us

Hi, what are you looking for?

Tech & Science

High level vulnerability within Google’s play core library (Includes interview)

The actions taken prevented malicious apps within the same Android device from exploiting the vulnerability and stealing private information (i.e. passwords, credit card numbers) from inside the application. The vulnerability was noted by Oversecured constructing a proof-of-concept app using a few lines of code and tested the vulnerability on Google Chrome for Android.

Looking into this issue for Digital Journal, Casey Ellis, CTO and Founder of Bugcrowd, says that the case highlights the importance.

Ellis explains that: “The fast-acting measures of Oversecured represent just how critical security researchers are to making the virtual community a safer place. The severity of this vulnerability had the potential to devastate millions of users, as well as expose private information on apps within the device.”

The researcher adds that the activity “emphasizes the necessity for Vulnerability Disclosure Programs, or VDPs, which establish an open line of communication between the community of security researchers and organizations.”

This process allows actions to be taken, Ellis explains: “By doing so, researchers can proactively report such vulnerabilities and organizations can fix them – before they’re exploited by bad actors.”

Responses also need to fast and consistent, Ellis adds: “While speed is the natural enemy of security, the best way to improve your organization’s security posture and beat attackers is by thinking like one. Even organizations with in-house security teams can benefit from the help of external security researchers, otherwise known as ethical hackers.”

With the specific case Ellis says: “In this instance, having a VDP allowed Google to quickly address the vulnerability and avoid what could have been a detrimental database exposure for some of the most popular apps in the Android app store.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

This is how to make the clutter look neat, and the neatness bearable.

Entertainment

Actor Jo Weil ("Verbotene Liebe") chatted about his latest projects and his new novel.

World

The assassination attempt on Donald Trump has upended Joe Biden's campaign by forcing it to dial down attacks.

World

A Military Police officer patrols a street in the Cidade de Deus (City of God) favela inRio de Janeiro - Copyright AFP/File Rebecca DROKESome...