Tech experts reveal vulnerabilities prone to allowing incidence of database hacking

Researchers from the Georgia Institute of Technology and The Ohio State University have revealed more than 1,600 vulnerabilities within the support ecosystem among the 5000 free aps available in the Google Play Store.

The presence of such vulnerabilities will allow hackers to hack the databases which includes personal information, along with the possibility of reaching the user’s mobile device.

In order to avoid such incidence, the researchers have developed an automated system known as the SkyWalker which will scrutinize the cloud servers, in addition to the software library systems. The development of SkyWalker will thus also help in evaluating the security of servers which support mobile applications, operated through cloud hosting services instead of individual app developers.

“A lot of people might be surprised to learn that their phone apps are communicating with not just one, but likely tens or even hundreds of servers in the cloud,” commented Brendan Saltaformaggio. He is an assistant professor in Georgia Tech’s School of Electrical and Computer Engineering. “Users don’t know they are communicating with these servers because only the apps interact with them and they do so in the background. Until now, that has been a blind spot where nobody was looking for vulnerabilities,” he added.

The latest research was also supported by the Air Force Office of Scientific Research and the National Science Foundation. In the study, 983 instances of common vulnerabilities were found, including 655 instances of zero-day vulnerabilities which covered operating systems, software layers, communications modules and even web apps. According to the reports, the experts are still examining whether the attackers could get into individual mobile device when connected to vulnerable servers.

“These vulnerabilities affect the servers that are in the cloud, and once an attacker gets on the server, there are many ways they can attack. It’s a whole new question whether or not they can jump from the server to a user’s device, but our preliminary research on that is very concerning,” Saltaformaggio said.

,
Shreyas Tanna

Shreyas Tanna

The winner of the title Mr. Pune 2009, Mr. Shreyas Tanna is currently the young, dashing, and dynamic CEO of a market research company called ResearchNReports in Pune. Fondly known as RNR, the company specializes in market research as well as industry analysis, and is closely associated with its parent company Absolute Market Insights (AMI). Mr. Shreyas Tanna began his corporate journey as the Head of Corporate sales & PR at RED Entertainment while pursuing his degree for MMS (Marketing) from the MGM College of Management, Mumbai. After accomplishing the tedious task of balancing his work and education, he further polished his skills in Corporate Sales, Public Relations, Channel Development, Global Client Engagement, Strategic Consulting, and Brand Development by working with HDFC Life and Researchmoz Global Pvt. Ltd. His dedication towards his work has even won him accolades such as the National Level Performer 2013 – HDFC Life and Mr. Research Moz 2015. A disciplined individual with a loving heart, he is often seen taking crisp walks with an engrossed look and a gentle smile within the premises of his company to interact with the various departments. And he will be usually followed by an adorable trail of his beloved trio of Shih Tzu babies proudly known as Gucci, Drake, and Paris. The most enticing thing that you will notice about this content and proud pet parent is his infectious positivity and the firm belief in his eyes, a reflection of his favorite quote, “LIFE IS BEAUTIFUL!”