#NowSecure

Blaze Trends

@blazetrends.bsky.social

4 months ago

Mobile Apps a 'Privacy Blind Spot,' New Study Flags 8 Common Apps Cybersecurity firm NowSecure analyzed more than four million public mobile applications through its Mobile Application Risk Intelligence (MARI) service, which

Mobile Apps a 'Privacy Blind Spot,' New Study Flags 8 Common Apps

#android #datasecurity #ios #mobileappprivacy #NowSecure

Hashlytics.io

@hashlytics.io

5 months ago

NowSecure Warns Businesses to Strengthen Mobile App Security

In today's rapidly evolving digital landscape, mobile applications have become the Achilles' heel of corporate cybersecurity. As businesses race to... #NowSecure

Thiard News@F4F

@newsen.bsky.social

5 months ago

NowSecure Launches MARC to Enhance Mobile Data Security Awareness NowSecure's new tool, MARC, helps identify mobile app security risks for IT and Security professionals, enhancing data protection efforts.

NowSecure Launches MARC to Enhance Mobile Data Security Awareness #United_States #Chicago #data_privacy #Mobile_Application_Risk_Checker #NowSecure

Approov Mobile Security

@approov.bsky.social

8 months ago

Securing Critical Mobile Medical Apps | FDA Regulations & Cybersecurity FDA Regulation and Cybersecurity for Life-Critical Health Apps Welcome to "Upwardly Mobile," the podcast exploring the intersection of mobile technology, health, and regulation. In this episode, we dive deep into the world of Mobile Medical Apps (MMAs), understanding how the FDA ensures their safety and effectiveness, and why cybersecurity is absolutely non-negotiable in this rapidly evolving landscape. What You'll Learn: • The Rise of mHealth: Mobile health (mHealth) apps are revolutionizing healthcare, empowering patients with personalized monitoring, tracking, and therapeutic support1. The regulated medical apps market is projected to reach a staggering $156 billion by 20331. • Understanding FDA Oversight: The U.S. Food & Drug Administration (FDA) plays a critical role in overseeing device software functions, including mobile medical apps2. Their focus is on software that presents a significant risk to patients if it fails, or software that transforms a mobile platform into a regulated medical device2.... • Defining Mobile Medical Apps: An app is classified as a mobile medical app if it meets the definition of a device under section 201(h) of the FD&C Act, meaning it's intended for use in the diagnosis, cure, mitigation, treatment, or prevention of disease, or to affect the body's structure or function3.... Examples include apps that control medical devices, transform a phone into a diagnostic tool (like an ECG reader or glucose meter), or provide treatment recommendations58. • FDA's Risk-Based Approach: The FDA applies a risk-based approach, focusing its oversight on higher-risk software functions that require formal review910. However, for many low-risk apps—such as those that help users self-manage conditions without providing specific treatment suggestions, or automate simple tasks for healthcare providers—the FDA intends to exercise enforcement discretion, meaning they won't typically require premarket review. The FDA does not regulate general consumer smartphones, tablets, or mobile app stores. • The Criticality of Cybersecurity: For any medical device, including mobile medical apps, cybersecurity is paramount for safety and effectiveness14. As Jessica Wilkerson, a Senior Cybersecurity Policy Advisor at the FDA, emphasizes, "You cannot have a safe and effective device if you don’t have a cybersecure device"414. Mobile app security vulnerabilities pose significant risks, including patient harm, data breaches, privacy compromises, legal consequences, and damage to brand reputation15. • Emerging Threats and Weaknesses: The mobile medical ecosystem faces serious threats like Man-in-the-Middle (MitM) attacks, which can falsify data or steal protected health information (PHI)16. Runtime tampering using tools like Frida or Xposed allows attackers to modify app behavior, bypass protections, or extract sensitive data17. Common weaknesses found in mHealth apps include static API keys, lack of app attestation, weak runtime protection, and insufficient certificate pinning1819. • Best Practices for Secure Mobile Medical Apps: To combat these threats, robust security measures are essential. These include App Attestation to ensure only legitimate apps access APIs, Runtime Threat Detection to identify hooking or emulation, Dynamic Secrets and Token Protection to prevent credential exposure, API Hardening, and MitM Mitigation through dynamic certificate pinning1920. • Industry Insights on Security Gaps: A NowSecure benchmark report revealed that an alarming 95% of healthcare apps failed one or more OWASP Mobile Application Security Verification Standard (MASVS) checks, highlighting widespread issues like insecure network connections, insecure platform interaction, and insecure code quality2122. This underscores the urgent need for developers to adopt secure coding practices and perform continuous security testing22. Relevant Links & Resources: • FDA Official Guidance: ◦ Device Software Functions Including Mobile Medical Applications: https://www.google.com/url?sa=E&q=https%3A%2F%2Fwww.fda.gov%2Fmedical-devices%2Fdigital-health-center-excellence%2Fdevice-software-functions-including-mobile-medical-applications2324 ◦ Policy for Device Software Functions and Mobile Medical Applications - Guidance: https://www.google.com/url?sa=E&q=https%3A%2F%2Fwww.fda.gov%2Fregulatory-information%2Fsearch-fda-guidance-documents%2Fpolicy-device-software-functions-and-mobile-medical-applications2526 • FDA Regulation: Ensuring the Safety & Security of Medical Mobile Apps (NowSecure): https://www.google.com/url?sa=E&q=https%3A%2F%2Fwww.nowsecure.com%2Fblog%2F2024%2F05%2F01%2Ffda-regulation-ensuring-the-safety-security-of-medical-mobile-apps%2F2728 Sponsor Message: This episode of "Upwardly Mobile" is brought to you by Approov. Approov provides a cutting-edge zero-trust security layer specifically designed for mobile-connected environments, including sensitive digital health applications. They help ensure that only trusted, untampered apps running in secure environments can access your critical APIs, protecting patients, preserving intellectual property, and aiding manufacturers in meeting stringent healthcare compliance needs like HIPAA and GDPR29.... To learn more about securing your mobile medical ecosystem, visit approov.io. Keywords: Mobile Medical Apps, FDA Regulation, mHealth, App Security, Cybersecurity, Patient Safety, Medical Devices, Digital Health, Mobile App Development, Healthcare Technology, Compliance, API Security, Data Privacy, OWASP, Runtime Protection, App Attestation, Certificate Pinning.

📣 New Podcast! "Securing Critical Mobile Medical Apps | FDA Regulations & Cybersecurity" on @Spreaker #apisecurity #approov #devsecops #fdaregulation #healthtech #medicaldevices #mhealth #mobilemedicalapps #mobilesecurity #nowsecure #patientsafety

Intel Night OWL 🦉🇺🇸

@intelnightowl.bsky.social

1 year ago

#NowSecure has conducted a comprehensive #security and #privacy assessment of the #China #DeepSeek #iOS #app, uncovering multiple critical #cyber #vulnerabilities that put individuals, #enterprises, & #government agencies at risk.

Key Risks & more information here: www.nowsecure.com/blog/2025/02...

@johniac.bsky.social

1 year ago

SciTech Chronicles. . . . . . . . .Feb 9th, 2025 Invincibility is in oneself, vulnerability is in the opponent. Vol II No 35 165 links Curated Meet the Citizen Scientists Determining What...

SciTech Chronicles. . . . . . . . .Feb 9th, 2025

bit.ly/stc020925

#microbiomes #Isala #dysbiosis #vaginal #Silverblue #rpm-ostree #containers #cloud #space-time #lasers #Lambda-CDM #axions #DeepSeek #AI #NowSecure #ATS #graphene #superconduction #moiré #quasiparticles

Baptiste Hugot

@baptistehugot.com

1 year ago

Et une étude de #NowSecure révèle que l’application #iOS #DeepSeek possède de nombreuses vulnérabilités critiques : transmission de données non chiffrées, stockage de données non sécurisé, collecte extensive de données et envoyées en Chine… Peu étonné par cela.
www.nowsecure.com/blog/2025/02...

CEOTECH.IT

@ceotech.bsky.social

1 year ago

DeepSeek: dati iPhone non criptati a ByteDance (TikTok)
#AI #Android #ByteDance #ChatGPT #Cina #Crittografia #CyberSecurity #DeepSeek #DeepSeekR1 #Hacking #IntelligenzaArtificiale #iOS #iPhone #Notizie #NowSecure #Privacy #Sicurezza #TechNews #Tecnologia #TikTok
www.ceotech.it/deepseek-dat...

Alan

@aln.lat

1 year ago

#NowSecure descubre múltiples fallas de seguridad y privacidad en la aplicación móvil de #DeepSeek iOS.

"La aplicación transmite datos sensibles a través de internet sin cifrado, lo que la hace vulnerable a la interceptación y manipulación"

www.nowsecure.com/blog/2025/02...