On January 16th, 2014, Erez will be giving an important presentation on Android Hacking in Mobile Application Security.
Full logistical details can be found here: http://cyber-security-tlv-summit.events.co.il/save-the-date
We’d love to see everyone there and we’re looking forward to the exchange of ideas. For now, take a look at the Synopsis so you have an idea of what’s ahead!
Synopsis of his upcoming speech:
The mobile apps revolution has completely changed the way we use our mobile devices, that up until recently were used just to make phone calls. Mobile applications nowadays handle our most sensitive data – phone calls, SMS text messages, geographic location, financial information, internet browsing, etc., but the question is “How can we really tell how secure are those applications? Who can assure us they are not spying on us? Or, can it be abused by other applications taking advantage of security vulnerabilities in those apps?”
During this presentation we will answer such questions, while focusing on Android mobile applications. We will start by describing the threat model of mobile apps vs. traditional apps, then we’ll demonstrate a couple of common application level vulnerabilities, and the tools/techniques used to expose them.
Participants of this presentation will also witness the usage of the AppUse Android Penetration Testing VM – an open source virtual machine created by AppSec Labs for the sole purpose of pentesting Android applications.