読者です 読者をやめる 読者になる 読者になる

トリコロールな猫/セキュリティ

セキュリティ情報の備忘録的まとめ。

20140419-20 セキュリティ情報まとめ

本日のまとめ

Feedly JavaScript Code Injection Vulnerability

I suspect the vulnerable codes are of the backend servers and not the android app itself. As such, bothvulnerable version and fixed version fields are not applicable.

不正アクセス・情報漏洩事件

a hacker named Muhammad Bilal from Pak Cyber Experts group breached the official Bihar Bjp website(www.biharbjp.org) and defaced the home page. The defacement contains a picture of person standing on Narendra Modi's photo and posted some comments. The hacker also called India as Stupid.

単発記事

Official Android Blog: Expanding Google’s security services for Android

Building on Verify apps, which already protects people when they’re installing apps outside of Google Play at the time of installation, we’re rolling out a new enhancement which will now continually check devices to make sure that all apps are behaving in a safe manner, even after installation.

Androidアプリの脆弱性の学習・点検ツール AnCoLe:IPA 独立行政法人 情報処理推進機構

Androidアプリの脆弱性の学習・点検ツール「AnCoLe(アンコール)」(以降、本ツール)は、Androidアプリの開発者を対象とした、脆弱性が作り込まれてしまう原因や対策について実習形式で学べるツールです。