FireEye has seen the development of various third-party solutions that allow developers to remotely hot patch an iOS app on a non-jailbroken device without going through Apple’s review process, leading to security risks. This blog examines Rollout.io, a commercial solution that addresses the remote patching problem while remaining focused on security.Read more...
Entries filed under 'Apps'
Threat Research Blog
FireEye posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. These blog posts cover everything from exploits and vulnerabilities, to advanced malware and targeted attacks.
January 27, 2016 8:00 AM By Jing Xie, Jimmy Su, Zhaofeng Chen | Mobile Threats
What are the security risks of iOS apps? While some alternative solutions make it more efficient for developers ito update their apps, they don't meet the strict security standards Apple has in place, which could lead to compromised code.Read more...
December 17, 2015 5:53 PM By Wu Zhou, Jimmy Su, Heqing Huang, Zhaofeng Chen, Jing Xie | Mobile Threats
Android trojan apps are imitating legitimate apps of financial management institutions in North America, Europe, and Asia Pacific. SlemBunk apps masquerade as common, popular applications and stay incognito after running for the first time.Read more...
April 9, 2015 8:00 AM By Tao Wei, Yulong Zhang, Zhaofeng Chen, Hui Xue | Mobile Threats, Vulnerabilities
If two apps register the same URL scheme in iOS, one app can hijack the other due to iOS design. This blog takes a look at that scenario and its potential dangers.