View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Networks
February 5, 2014

Nearly half of mobile apps have improper encryption

Openly exposed vulnerabilities dropped by 6% last year.

By CBR Staff Writer

Around 46% of mobile applications have been found to be using improper encryption, a new HP study revealed.

According to the latest Cyber Risk Report 2013, mobile app developers often neglect to use encryption when storing confidential information on mobile devices and rely on vulnerable algorithms to do so, or exploit tougher encryption capabilities, leaving them less effective.

HP Enterprise Security Products chief technology officer Jacob West said adversaries today are more adept than ever and are collaborating more effectively to take advantage of vulnerabilities across an ever-expanding attack surface.

"The industry must band together to proactively share security intelligence and tactics in order to disrupt malicious activities driven by the growing underground marketplace," West said.

The report added that the overall openly exposed vulnerabilities dropped by 6%, with the high-severity vulnerabilities dropping by 9% during 2013.

HP research also found that about 80% of applications comprised vulnerabilities embedded outside their source code.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Among all browsers, Internet Explorer topped the list of highly targeted entities by HP Zero Day Initiative (ZDI) vulnerability, accounting for over half of vulnerabilities acquired by the programme.

The report also added that Sandbox bypass vulnerabilities, which are mainly caused by insecure reflection would turn out to be the most prolific issue in the Java framework.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.