Applications have won mobile, that’s no longer news. As most organizations leverage mobile apps to enhance their users’ online experience, the whole mobile ecosystem is evolving accordingly. Cybercriminals and greedy individuals see in applications a surface to make money out of. Governments see in this surface a big risk for data privacy. Users trust in companies’ capacity to keep their information safe.
FaceApp is currently highly questioned in the press. A lot of articles and some American politicians relate that the Russian mobile application collects and exfiltrates its users’ personal data, without specifying which. Real threat or fake news? The FaceApp security analysis performed by the Pradeo Security engine clarifies things. Here is a part of it.
Official Press Release here.
Pradeo’s new mobile threat intelligence services provide deep and accurate insights on mobile threats, offering companies visibility on the mobile environment, thus enabling effective counter-threat responses.
Updated on June 7th: Following the announcement of these discoveries, the "Peel Smart Remote" mobile application was removed from Google Play.
The Peel Smart Remote app is a widely used Google Play application (100M+ installs) that has often made the news because of its highly intrusive behaviors, such as full screen overlays and untimely advertising, causing poor user experience.
Last week, the Pradeo Security engine alerted its users about severe security issues discovered in the app’s 10.7.3.3 version. It has been found that the application collects and leaks users’ pictures to a server that does not belong to the app publisher. Last Friday, the application was updated on the Google Play store (now version 10.7.4.2), the leaky behavior has been removed from the code but yet no communication was made by the company on this matter. Because applications’ update is not automatic on all Android devices, millions of users running the former version of the app are still currently exposed.
The Unified Endpoint Management (UEM) model has known a steady growth in its popularity, taking further the management capacities of the Enterprise Mobility Management (EMM) by including not only the company’s mobile devices but also the laptops and desktops devices within the same solution. The UEM solution allows for increased efficiency, more cost-effectiveness and a better mobile security within an organization, this last point being further improvable through the adjunction of a mobile security solution such as a Mobile Threat Defense (MTD) solution.