Top

Android app developers should update to Dropbox’s latest SDK

March 11, 2015

Via: application-security
Category:

#android apps that use #dropbox for #storage and are built using an older version of its #sdk are vulnerable to an attack that can steal data, although Dropbox has released a fix, according to IBM #security researchers.IBM’s #application security research team said Wednesday they had found a way to link their own Dropbox account to an Android app on another person’s phone that connects to the storage #service. After a successful attack, any data uploaded by the app is delivered to the attacker’s Dropbox account.

Dropbox publishes an SDK (software development kit) for linking its service to an app. The flaw, nicknamed “DroppedIn,” affected Dropbox SDK versions 1.5.4 through 1.6.1 and was fixed in version 1.62, IBM said in a blog post.

Read More

RELATED PUBLICATIONS

Over 60,000 Android apps infected with adware-pushing malware
Predator Android Spyware: Researchers Uncover New Data Theft Capabilities
Zyxel Issues Critical Security Patches for Firewall and VPN Products

Latest Publications

New PowerDrop Malware Targeting U.S. Aerospace Industry
Winning the Mind Game: The Role of the Ransomware Negotiator
Over 60,000 Android apps infected with adware-pushing malware
Security Curated Copyright © 2023. All rights reserved
Go to ITCurated!