CyLab-Africa researchers partner with mobile security provider for summer collaboration experience Researchers from CyLab-Africa and the Upanzi Network recently partnered with the mobile security provider Approov to explore the security of common financial services apps used across Africa. After surveying 224 popular financial applications, the researchers found that 95 percent of these Android apps exposed secrets that can be used to reveal personal and financial data. Across these applications, approximately 272 million users have the potential to be victims of the security flaws. Read Full Story

This is the first article in a guest blog series by Jason Bloomberg, Managing Partner, Intellyx Focusing on user authentication, including multi-factor authentication, is not enough to put mobile at the center of your cybersecurity strategy. It is essential to ensure the integrity of devices, applications, and communication channels, along with securing API access. Read Full Story

In recent years, the tech world has witnessed a significant shift towards what are known as "super apps." These mobile applications have become increasingly popular, offering a plethora of services within a single, convenient platform. While they present numerous opportunities for users and businesses, they also bring forth a set of unique challenges, particularly in the realm of mobile security. Read Full Story

This blog explains bot attacks in detail, how to distinguish good from bad bots, and explains how to let good bots do their useful work while preventing bad bots from doing any damage. It also explains why bot attacks on and by mobile apps are particularly problematic and require special defenses to be put in place. Read Full Story

Safeguarding Security and Integrity: In today's digital landscape, mobile applications have become integral to our daily lives, offering convenience, entertainment, and essential services. However, with the rise of mobile app usage, there's also been a surge in unauthorized and malicious apps (aka Dummy Apps, Cloned Apps, Tampered Apps) that pose significant threats to users, organizations, and developers alike. In this blog post, we'll explore why it's imperative for developers to prevent the running of non-authorized apps from accessing your API’s and how cutting-edge solutions like Approov Mobile Security can help safeguard security and integrity. Read Full Story

This is a Guest Blog written by the CyLab-Africa team : Theoneste Byagutangaza, Lena Chacha, Trevor Henry Chiboora, Joel Jefferson Musiime and George McGregor from Approov. This week, we published a new report: “The Security Challenges of Financial Mobile Apps in Africa”. This is based on research carried out by a research team from CyLab-Africa, sponsored by Approov. The research reveals an alarming Fintech exposure in Africa – 95% of the apps investigated leak secrets! The full report is published on the Approov website here and is essential reading for any mobile app developers who are planning worldwide deployment. Read Full Story

What is OWASP MASVS? The OWASP (Open Worldwide Application Security Project) MASVS (Mobile Application Security Verification Standard) is a valuable resource for mobile app developers seeking to improve the security posture of their iOS and Android applications. The standard is based on the collective knowledge of security experts from around the world and provides both a baseline and a benchmark for security requirements for mobile apps. Read Full Story

Introduction Data breaches have become a persistent threat for organizations across the globe, with cybercriminals relentlessly targeting valuable data, sensitive customer information, and proprietary business data. The data below is alarming, but the key takeaway is through prevention, monitoring, and rapid remediation, costs can be eliminated or highly mitigated. Read Full Story

Mobile apps and APIs are increasingly being targeted by cybercriminals using sophisticated techniques to exploit vulnerabilities and gain access to sensitive data. To stay ahead of these threats, real-time analytics on the security state of mobile apps and devices is critical. Read Full Story

The last year has not been great for crypto. Most crypto currencies, including Bitcoin, experienced significant loss of value, and we saw high profile exchanges like FTX collapse. In addition, hackers were actively stealing crypto currency. The blockchain company Chainalysis calculated that $3.8bn was stolen by hackers in 2022. Read Full Story