Mobile applications at risk of data theft thanks to shared libraries

Security Digest Information security news and advice from TechTarget's network | August 16, 2017 [TechTarget]( FEATURED STORY [Mobile data theft a risk from shared app libraries]( by Michael Helller, Senior Reporter Researchers claim malicious actors could commit mobile data theft by using shared third-party libraries and abusing elevated privileges that the permissions granted. (SearchSecurity.com) Advertisement NEWS [Microsoft changes antivirus policy under Kaspersky pressure]( Microsoft changes antivirus policy in Windows 10 Fall Creators Update in order to avoid further action in an antitrust case brought by Kaspersky. (SearchSecurity.com) [U.S. attorney: Gathering cybercrime evidence can be difficult]( Assistant U.S. attorney says jurors and courts are getting smarter about cybercrime evidence, although digital cases overall may be getting more difficult to prosecute. (SearchSecurity.com) [FBI's Next Generation Identification system exempt from Privacy Act]( News roundup: The FBI Next Generation Identification biometrics database is exempt from the Privacy Act. Plus, Salesforce fired two top staffers after DEFCON, and more. (SearchSecurity.com) How threat actors weaponized Mia Ash for a social media attack]( Dell SecureWorks researchers detected suspicious activity on social media accounts of Mia Ash. When they dug deeper, they discovered a new, complex social engineering attack. (SearchSecurity.com) [How FBI cyber investigations handle obfuscation techniques]( An FBI agent discusses cyber investigations, how they handle obfuscation techniques, the anonymizing features of the deep web and how to catch the right person. (SearchSecurity.com) [Risk & Repeat: Voting machine hacking brings good and bad news]( In this week's Risk & Repeat podcast, SearchSecurity editors look back at DEFCON 2017's voting machine hacking and what it could mean for the future of U.S. election security. (SearchSecurity.com) EXPERT ADVICE [Security teams must embrace DevOps practices or get left behind]( DevOps practices can help improve enterprise security. Frank Kim of the SANS Institute explains how infosec teams can embrace them. (SearchSecurity.com) [Zombie cloud infrastructures haunt enterprise security teams]( Instances created, but then forgotten can cause zombie cloud infrastructures that threaten the security of enterprises. Expert Frank Siemons discusses how to handle these systems. (SearchCloudSecurity.com) Applying a hacker mindset to application security]( It can be beneficial to think like a black hat. Expert Kevin Beaver explains why enterprise security teams should apply a hacker mindset to their work and how it can help. (SearchSecurity.com) [How can VMware vulnerabilities in vSphere expose credentials?]( Two VMware vulnerabilities in vSphere Data Protection were recently patched. Expert Judith Myerson explains how the flaws work and how to defend against them. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, [click here](. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2017 TechTarget. All rights reserved. [TechTarget](