Dropbox says Android security flaw fixed

Dropbox, the popular online file storing system and conveyed the message that it fixed a security flaw that could have allowed hackers to capture data stored in its service on Android devices via compromised third-party apps.

Dropbox, which has more than 300 million users, said it fixed the vulnerability a few months ago in the software it provides to third parties making apps that work with Dropbox.

It said most Android developers had already updated to the latest version of its software after being notified by Dropbox of the problem as early as December. Dropbox reminded any remaining developers working with the old version to update.

According to Dropbox, the software flaw meant that under certain circumstances a hacker could use a compromised third-party app to save another user’s data to the hacker’s Dropbox account. Dropbox said no data already stored on its service was ever vulnerable.

“There are no reports or evidence to indicate the vulnerability was ever used to access user data,” Dropbox said in a blog on its website.

Researchers at International Business Machines Corp initially discovered the flaw, and informed Dropbox, according to both companies.

Credits: channelnewsasia

Factors behind Succesful Mobility and Cloud Projects: 5 app-centric

These are the Top 5 Key application-centric factors:

1. Strong defense against advanced threats:

Enterprises and services providers face a variety of attacks, including DDoS, zero-day and application-level attacks. Hackers and cyber-criminals exploit application-related vulnerabilities in the multitude of applications in production environments and the range of deployment scenarios.

2. High service velocity:

Business stakeholders increasingly demand efficient and fast deployments of secure, and available services and applications. IT departments have leveraged trends and technologies such as agile, DevOps, cloud, and SDN to meet these requirements across development, operations, and networking teams.

3. Low cost and complexity:

Standardizing on a common service delivery platform, organizations can centrally deploy, manage and orchestrate application service topologies in a consistent manner across data center and cloud environments.

4. Programmability and automation:

A policy-based, customization approach allows organizations to create and automate services and support emerging application and network architectures. Powerful tools are available to configure and program environments dynamically.

5. Cloud enablement:

Serving corporate requirements around security, compliance, and performance, application services can be deployed in cloud environments and managed centrally alongside on-premise services. This ensures that policies governing security and performance are deployed and enforced consistently. Additionally, REST API capabilities for web application firewall solutions promote accelerated, secure cloud migration.

Source: networkasia