You are here: Blog Josh Coppage Let’s Take a Look at Phishing Attacks

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Basic Errors Have Made Hundreds of Applications a Risk to Data

Voyage Technology Blog Security
0 Comments
Basic Errors Have Made Hundreds of Applications a Risk to Data

Earlier this year, it became known that almost 2,000 mobile applications suffered from some type of security threat, thus putting a lot of sensitive data on the line. Let’s examine how you can ensure that your business doesn’t suffer from mobile app security issues.

Access Permissions Are the Major Culprit

Apps are not fully hosted on your device the way a desktop application might be on your computer. Rather, they are hosted in the cloud, and the app itself is more of a hard-coded shortcut that allows you access to the data or service provided by the application.

At least, that’s just how it should work in theory. According to Broadcom’s Symantec Threat Hunter, this type of single-purpose login process allows hackers to access all of the files that a cloud service contains, including company data, backups of databases, and system controls.

The scariest part is that multiple apps use the same publicly available software development kits, or SDKs, and many apps are built by the same company, allowing these login credentials to be used for multiple different types of applications and services found on the same infrastructure.

So, if a hacker were to gain access to one of the access tokens used by a company, they could potentially gain access to all of the applications which that access token provides access to.

Research conducted on Android and iOS platforms found around 2,000 applications that had their credentials hard-coded to Amazon Web Services (around three-quarters of those granting access to private cloud providers, and half of those granting access to private files), half of which also contained access tokens for unrelated applications.

What Can You Do to Protect Your Business?

Naturally, you don’t want someone to be able to access your company’s private data or the data you’ve collected from clients, employees, or other interested parties. Naturally, you should have some level of control over who within your organization can access what data.

Let’s look at it this way; the human resources department at your business might need access to employee information, but nobody else should be able to access that data. The same can be said for other data, too, according to the employee’s role within the company. The fewer people who have access to data, the less likely you are to expose said data to a security breach.

So, long story short, to keep your data safe from these types of mobile application exploits, control who can and cannot access specific data.

To learn more about how you can protect your business, call Voyage Technology at 800.618.9844.

Tweet
Tags:
Data Current Events Mobile Device
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 14 June 2026

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips IT Services Internet Malware Workplace Tips Phishing Privacy IT Support Google Email Computer Workplace Strategy Small Business Managed Service Collaboration Hosted Solutions Backup Ransomware AI Users Productivity Mobile Device Saving Money Microsoft Quick Tips Passwords Communication Cybersecurity Smartphone Data Backup Disaster Recovery Data Recovery Android Upgrade VoIP Business Management Smartphones Mobile Devices communications Windows Browser Social Media Microsoft Office Managed IT Services Current Events Network Tech Term Internet of Things Remote Information Miscellaneous Training Facebook Holiday Automation Artificial Intelligence Outsourced IT Covid-19 Gadgets Cloud Computing Compliance Remote Work Server Managed Service Provider IT Support Encryption Employee/Employer Relationship Spam Office Windows 10 Data Management Business Continuity Government Bandwidth Blockchain Virtualization Vendor Wi-Fi Business Technology Windows 10 Data Security Apps Managed Services Two-factor Authentication Mobile Office Tip of the week Gmail Budget WiFi Apple Networking App Employer-Employee Relationship BYOD Voice over Internet Protocol Mobile Device Management Chrome Password HIPAA Managed IT Services How To Applications BDR Computing Hacker Physical Security Information Technology Conferencing Avoiding Downtime Marketing Access Control Office 365 Retail Storage Bring Your Own Device Big Data Router Operating System 2FA Help Desk Computers Virtual Private Network Risk Management Website Healthcare Health Analytics Office Tips Augmented Reality Windows 7 Microsoft 365 Scam The Internet of Things Data loss Solutions Social Going Green Patch Management Save Money Remote Monitoring Windows 11 End of Support Vulnerability Monitoring Customer Service Vendor Management Cybercrime Excel Display Printer Remote Workers Managed IT Service Paperless Office Telephone Infrastructure Cooperation Free Resource Document Management Firewall Project Management Images 101 Telephone System Multi-Factor Authentication Maintenance Mobility Safety Sports Cost Management Antivirus Mouse Administration Employees Integration User Tip Modem Mobile Security Robot Processor Customer Relationship Management Holidays Settings Wireless Printing Data Storage Content Filtering Hacking IT Management Smart Technology Supply Chain VPN YouTube Meetings Presentation Video Conferencing Managed Services Provider Saving Time Virtual Machines Cryptocurrency Professional Services Wireless Technology Computer Repair Virtual Desktop Data storage LiFi Downloads iPhone Licensing Word Outlook Machine Learning Entertainment Vulnerabilities Money Data Privacy Humor Scary Stories Private Cloud Data Analysis Entrepreneur Star Wars IT Assessment Hacks Server Management Microsoft Excel IT Maintenance Superfish Staff Value Business Intelligence Identity Theft Fun Gamification Flexibility Organization Social Networking Deep Learning Legislation Shortcuts Twitter Error Undo Fileless Malware Digital Security Cameras Smart Devices Ransmoware Wearable Technology Memory Vendors Education Social Engineering Content Remote Working Health IT Motherboard Data Breach Comparison Google Play Be Proactive Remote Computing Directions Videos Assessment Electronic Health Records Mobile Computing Permissions Workforce Wasting Time Threats Tablet Search Application Trend Micro Best Practice Specifications Security Cameras Workplace Strategies Alert Buisness File Sharing Dark Data Microchip Internet Exlporer Software as a Service Managed IT Fraud Meta Username Legal Managing Costs Amazon IT solutions IBM How To eCommerce Business Growth Black Friday SSID Notifications Virtual Assistant Outsource IT Travel Database Surveillance Techology IT Technicians Virtual Machine Environment Google Maps Media Cortana Proxy Server Reviews Cookies Alt Codes Cyber Monday Medical IT Hotspot Transportation Small Businesses Downtime Unified Threat Management Competition Tactics Development Unified Threat Management Mirgation Hypervisor Displays Hosted Solution Shopping Nanotechnology Optimization Typing PowerPoint Language Employer/Employee Relationships Outsourcing Network Congestion Addiction Management PCI DSS Google Drive User Error Chatbots Navigation Knowledge User Gig Economy Screen Reader Distributed Denial of Service Workplace Computing Infrastructure Teamwork Hiring/Firing Point of Sale 5G Service Level Agreement Internet Service Provider Regulations Compliance Google Docs Identity Unified Communications Evernote Paperless IP Address Experience Running Cable Tech Support Bookmark Smart Tech Memes Bitcoin Network Management Co-managed IT Google Wallet Alerts SQL Server Technology Care Monitors Download Net Neutrality Financial Data History Business Communications Recovery Laptop Websites Hard Drives Browsers Smartwatch Connectivity IT Windows 8 Break Fix Scams Drones Azure Hybrid Work Domains Upload Procurement Social Network Telework SharePoint Cyber security Multi-Factor Security Tech Human Resources Electronic Medical Records Halloween Refrigeration CES IoT Communitications Dark Web Cables Lenovo Public Speaking Writing Trends Supply Chain Management Customer Resource management FinTech Regulations Google Calendar Term Google Apps Lithium-ion battery Virtual Reality

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015