Connect with us
nira .ng banner for cfatech.ngNCC top bar on CFAtech.ng

CFA's Tech Blog – Transforming Africa

The Web and Smartphone Applications, How Vulnerable?

The Web and Smartphone Applications, How Vulnerable?

Tech Tips

The Web and Smartphone Applications, How Vulnerable?

Speaking from a health perspective, whenever you mention the term “infection”, it usually triggers the anxiety hormone in our body. Nobody wants to be infected, because the adverse effects are enormous.

A similar thing happens on the internet, we have online infections. The website has infections, applications and our smartphones are not exempted.

It’s very crucial to pay the same attention you pay to your health to your sojourn online; the web is not safe.

Meanwhile, report by security-as-a-service platform, Menlo Security says 46% of the top one million websites are running vulnerable software. “News and media websites are the most at risk, with 50% of all studied websites deemed to be open to attack”.

This simply means the internet landscape is swimming the ocean of vulnerability and insecurity.

Presently, the technical skills in launching a malware or to attack someone is just minimal. You have to learn some basic skills before you would be able to execute any attack on the web.
The world has even evolved to the point that information already available on the internet shows you step by step action plans on how to launch an attack on the web.

“The results are significant because risky sites have never been easier to exploit, and traditional security products fail to provide adequate protection. Attackers have their veritable choice of half the web to exploit, and phishing attacks can now utilize legitimate sites,” Menlo Security’s Chief Technology Officer Kowsik Guruswamy says.
Scanning your Website for Vulnerabilities

However, you might need to run a security check on your site to fish out any form of vulnerability or security risks. Here are ten online website tools you can try today

1. Scan My Server
2. SUCURI
3. Quttera
4. Detectify
5. SiteGuarding
6. Web Inspector
7. Acunetix
8. Asafa Web
9. Netsparker Cloud
10. UpGuard Web Scan

Smartphone Application Vulnerabilities

“96% of the applications tested have some sort of identified vulnerability, with each application exhibiting at least 14 vulnerabilities apiece,” report on Application Security Trends from Cenzic says.

From the mobile application perspective, it is the same issue. A lot of smartphone users have resorted to using Android smartphone where you can download series of applications. The truth is, most of these applications appear very cool and safe, and they are not.

“I rarely test an application and don’t find any issues. Although, testers often ask for protection measures such as WAFs to be disabled during tests to aid testing the application rather than the defenses, this may affect actual results,” Robin Wood, an Independent Pentester said.

Moreover, almost everybody is using a smartphone thereby getting the landscape more crowded and increasing the tendencies of vulnerabilities. With IoT being one of the biggest trends, the fears become high.

According to Nokia, the Finnish smartphone maker, “attackers are targeting a broader range of applications and platforms, including popular mobile games and new IoT devices, and developing more sophisticated and destructive forms of malware,”

Remedies for Smartphones

There are good antivirus softwares that you can actually invest on; getting your smartphone secured is worth more than any penny that would be spent on security. Although, many of the experts believe that antivirus has lost its effectiveness.

“Ten years ago if you were to ask someone the question, ‘Do you need antivirus?’ the overwhelming response would be, ‘Absolutely, my entire security strategy is based on endpoint antivirus,’” says Paul Carugati, a security architect with Motorola Solutions. “Today … I don’t want to downplay the need for it, but it has certainly lost its effectiveness.”

According to Cenzic the majority of identified vulnerabilities comes down to *ahem* lazy developers who ignore code standards and don’t test code for security during development. Of course, proper server configuration helps, as well as, providing protection through a web application firewall.

Continue Reading
Advertisement Advertise here
You may also like...
Click to comment

Thanks for Contributing!

More in Tech Tips

RECEIVE UPDATES

LATEST

Advertisement

COMMENTS

Watch Tech Trends on CTV

PREVIOUS POSTS

CFAtech.ng Homepage Banner
To Top