Never miss a story

Get subscribed to our newsletter


×
Facebook, Messenger and Instagram apps are displayed on an iPhone, March 13, 2019, in New York. VOA

Check Point Research on Thursday said it found the latest versions of some of the most famous apps in the world on Google’s Play Store, including Facebook and Instagram, to have vulnerabilities that were believed to have been patched earlier.

The research shows that threat actors can still execute code on the latest versions of mobile applications on Play Store, despite the updates those mobile apps have pushed to people.


In short, threat actors can gain administrative control over the mobile applications studied by Check Point Research.

Theoretically, hackers can steal and alter posts on Facebook, extract location data from Instagram and read SMS messages in WeChat, said the research.

In a month-long study, Check Point Research cross-examined the latest versions of these high-profile mobile for three known remote control execution (RCE) vulnerabilities dating from 2014, 2015 and 2016.

Each vulnerability was assigned two signatures. Then, Check Point Research ran its static engine to examine hundreds of mobile applications in Google’s Play Store to see if old, vulnerable code was present in the latest version of the application.


An iPhone displays the app for Facebook in New Orleans, Aug. 11, 2019. VOA

Check Point Research found vulnerable code, which was claimed to patched, present in the latest versions of popular mobile application.

For now, Check Point urges people to install an antivirus-app that monitors vulnerable apps on the phone.

“Mobile app stores and security researchers do proactively scan apps for malware patterns, but devote less attention to long-known critical vulnerabilities. Unfortunately, this means there’s not much the end user can do to keep his mobile device fully secure,” said the research.

Also Read: Google Announces to Pay $1 Million for Finding Bugs in Pixel Phones

Check Point Research said it informed the applications as well as Google about the vulnerabilities.

The revelations come amid a snooping controversy that hit WhatsApp after Israeli spyware Pegasus exploited vulnerability in the messaging platform, affecting 1,400 select users globally, including over 100 in India. (IANS)


Popular

Photo by febri sym on Unsplash

Achieving soft, beautiful and happy skin is a dream for most of us or at least a long-pending item on our wish list.

Achieving soft, beautiful and happy skin is a dream for most of us or at least a long-pending item on our wish list. While there are lot of suggestions, a laundry list of do's and don'ts to follow, there are some basics that don't change. We have to understand that happy skin is a holistic process that requires one to work on building healthy habits combined with good skincare.

Here's a ready reckoner by ITC Fiama of tried and tested skincare habits that will serve as a reminder that skincare doesn't need to be complicated, it just needs to be consistent.


* Cleanse & Moisturise -- The first and the simplest step towards healthy skin is regular cleansing and moisturising, it is advisable to use a moisturizing body soap that ensures your skin gets the right nutrients and remains supple and nourished. A great product suited to this requirement is Fiama Gel Bathing Bar, which is enriched with nature's goodness. Fiama's bathing bars come in 5 variants and they help moisturize the skin making it appear soft, happy and bouncy.

Keep Reading Show less
Photo by Pixabay

It is true that street performances has been existing in India since ancient times. But, it was Philip Astley who brought the concept of circus in India in the 1880s. Interestingly, Astley is known as the father of modern circus.

Birth of the Great Indian Circus

Keep Reading Show less
Unsplash

API security testing is a process that checks API functions for security vulnerabilities.

By- Naman Rastogi

The first thing to understand about API security testing is that it is not a one-size-fits-all process. Testers must take into account the scope of the project, as well as the specific needs of developers and end-users. This article will provide you with some basic guidelines for an API security testing program. It will also outline some API security tests that you should consider including in your API testing process.

Keep reading... Show less