Protect apps from reverse-engineering and code tampering/modification attacks
Use cryptographic key protection solution such as Whitebox Cryptography to ensure -
a. Cryptographic keys/secrets are not discovered at any time, and are not present in static form or in runtime memory
b. Data is protected at rest, in transit and in-use
Leverage vulnerability/penetration testing and ensure that known risks – including those identified in the OWASP mobile top 10 list, in particular, are addressed
On behalf of Prashanth Thandavamurthy of Arxan Technologies, Inc.
New Threat
Threat Category: Application: Vulnerable Application
Threat: Attacks on mobile health apps and medical devices.
Threat Origin: None
Exploit Example: http://www.computerworld.com/article/2837413/security0/dhs-investigates-24-potentially-deadly-cyber-flaws-in-medical-devices.html
CVE Example: None
Possible Countermeasures:
References: None