Last weekend I raced in some of the nastiest conditions I have ever experienced. The rain-soaked gravel roads in northeast Texas were already muddy from Friday’s rain. On Saturday, a mist fell until the rain poured during the race’s third hour, making some sections even worse. This photo was taken near mile 55 three hours into my torture. It was challenging to stay upright in this section since the mud was so slick.

It was miserable. But, at the same time, it was fantastic.

I invest dozens of hours a week reading about marketing, technology, and making applications work…

BlackRock — an advanced Android malware derived from Xerxes malware — evades detection and steals login credentials or credit card data from 337 different mobile banking, shopping, lifestyle, and video apps. BlackRock was disclosed in July 2020 by ThreatFabric. The Zimperium z9 engine had begun detecting early variants of BlackRock in the weeks prior to the full public disclosure with our patented on-device engine.


Originally published at Scott King.

The timeline below includes notable mobile app breaches, failures, and data leaks in 2020. Scroll through the dozens of stories to learn about the more prominent breaches.

The timeline is built using Timeline JS from The Northwestern University Knight Lab.


This data visualization is built in Google Data Studio from a data set of mobile banking app security risks and vulnerabilities. The data set was compiled using a mobile app scanning and testing platform from Zimperium.


This presentation describes the differences between application shielding or hardening technologies and in-app protection.

Application shielding is a set of technologies that modify and obfuscate an application’s binary code. App shielding makes an application more tamper-resistant, protecting against intellectual property theft, piracy, vulnerability discovery by reverse engineering, and unauthorized access. It creates a more resilient app, making it more difficult to reverse engineer by obfuscating and encrypting the binary code.

In-app protection differs from app shielding in that it detects malware, network, and operating system attacks in real time from inside the app. …

This presentation describes the top five ways hackers attack mobile apps looking for secrets. It describes particular attacks, the tools used in the attacks, what specific information the bad actor hopes to obtain, and cites real-world examples of each of the attack methods. The presentation is a collection of dozens of stories and was constructed in collaboration with Zimperium’s zLabs research and development team.

How Hackers Attack Your Mobile Apps:

  1. Authentication Attacks
  2. Authorization Attacks
  3. Spoofing and Tampering Attacks
  4. Racing Resources Attacks
  5. Information Leakage Attacks


This presentation provides details on development best practices, data leakage risk and security exposure for 45 Android mobile apps from the top US banks and mobile payment providers. The research displays vulnerabilities in consumer mobile banking apps and the correlating risk they introduce for banks and mobile users. This presentation was delivered at Droidcon SFO 2019.


Scott King

Marketing Strategist and Head of Marketing at Krista Software.
