The Android Mobile Security Scare
The security of the Android platform has recently come under fire as the DroidDream Trojan has infected numerous applications and Google has removed more than 50 apps from the marketplace as a result.
The likelihood that additional apps are infected with malware is high, and not entirely unexpected. Historically, cyber criminals have targeted Microsoft because it is such a popular platform and as a result, the return on bad guys’ efforts was much higher. The same holds true for the Android platform – it is incredibly popular and therefore provides more opportunity for criminals to make more money.
Mobile platforms are still relatively new and many users have yet to really understand that the man-in-the-mobile is a very real security threat. According to a study conducted late last year by Goode Intelligence, 68% of smart phone/tablet users who used their devices for work email were not even thinking about mobile security.
Even if users are thinking about security, there are concerns about where to even begin. As mobile devices operate on the Web, the same foundational Web security principles still apply. As an example, Silver Tail provides predictive security analytics for Web sessions, enabling users to identify abnormal session behavior and mitigate any attacks with a business logic rules-based approach. And most mobile applications interact with the web server – so Silver Tail Systems can see this traffic. So if malicious activity such as screen scraping were occurring during a mobile Web session, an administrator would be identified and could create a rule to combat any future screen scraping from occurring.
This applies not just to Android platforms, but any mobile devices connecting to the Web. While the mobile threat is a newer one – the folks behind the malware are the same. The threats will continue to evolve, but so will the security teams and providers that are fighting to protect the platforms that become the criminals’ newest targets.
About
Silver Tail is leading the fight against business logic abuse with 3rd generation fraud prevention.
Hackers are no longer high school kids trying to one-up their friends or criminals trying to just break-in to sites. Instead, today’s sophisticated hacker is organized crime, strategically targeting websites, stealing billions of dollars from companies and their customers. Vendors providing web application security and intrusion prevention have forced hackers to become much more innovative in their means of attacking websites. These hackers now target the legitimate business logic of websites to perpetrate their fraud, including hijack threats, velocity attacks and gaming schemes. Silver Tail is using the deep domain expertise of its team to provide software that combat business logic abuse in real-time.
Silver Tail was founded by a team of fraud prevention experts who built anti-fraud and anti-phishing tools at eBay and PayPal. Through their experience and proprietary algorithms, they have built a system that is scalable, minimizes false positive rates, and is extremely flexible to adapt to changing attack vectors.
Feedburner
RSS Feed
-
Archives
- May 2012 (5)
- April 2012 (7)
- March 2012 (13)
- February 2012 (6)
- January 2012 (4)
- December 2011 (7)
- November 2011 (8)
- October 2011 (9)
- September 2011 (5)
- August 2011 (7)
- July 2011 (7)
- June 2011 (6)
-
Categories
- behavior analysis
- business logic abuse
- Business Logic Flaw
- Business Process Abuse
- Compliance
- Cost of fraud
- Data Loss
- Detection
- education
- Fraud
- Gaming
- General
- information security
- Investigation
- Man-in-the-Browser
- Online Fraud
- Payment
- Phishing
- predictive analytics
- Prevention
- risk management
- Social engineering
- Social Networks
- Trust
- Uncategorized
- web logic abuse
- Zeus
-
RSS
Entries RSS
Comments RSS
Silver Tail Systems Blog 