Phone manufacturers and mobile network operators often implement stringent software restrictions for security reasons. However, these constraints can be circumvented by rooting your Android phone. Rooting is the process of gaining access to more administrative-level controls on an Android device. Despite its benefits, attackers often use rooting to target sensitive user and business data. According to security experts, 36 out of 1000 Android devices are rooted globally.

During the assessment of one of the financial applications built upon the flutter framework, we came across that the application was using PGP encryption for encrypting the API requests. It is pretty common for financial applications to be implementing traffic encryption, with AES seen to be the preferred algorithm for encrypting traffic. There is plenty of research already available on decrypting AES encrypted traffic.

Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama.

Large construction firms rely on a vast network of architects, engineers, project managers, contractors, and suppliers to collaborate on projects of all sizes and complexities. While the digitization of the construction industry has made it easier for these project teams to share information, it also expands the cyber-attack surface.