Source |
Network World |
Identifiant |
293877 |
Date de publication |
2017-01-17 10:10:44 (vue: 2017-01-17 10:10:44) |
Titre |
Sensitive access tokens and keys found in hundreds of Android apps |
Texte |
Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk.A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that about 2,500 had some type of secret credential hard-coded into them. The apps were scanned with an online tool released by the company in November.Hard-coding access keys for third-party services into apps can be justified when the access they provide is limited in scope. However, in some cases, developers include keys that unlock access to sensitive data or systems that can be abused.To read this article in full or to leave a comment, please click here |
Envoyé |
Oui |
Condensat |
000 500 about abused access android api applications apps article assets can cases click coded coding comment company credential cybersecurity data developers embed fallible firm found full had hard here however hundreds include justified keys leave limited many mobile new november online other party performed please provide putting read released revealed risk scanned scope secret sensitive services some stored study systems them third tokens tool type unlock various when |
Tags |
|
Stories |
|
Notes |
|
Move |
|