Millions of sensitive records exposed by mobile apps leaking back-end credentials

Thousands of mobile applications, including popular ones, implement cloud-based, back-end services in a way that lets anyone access millions of sensitive records created by users, according to a recent study.

The analysis was performed by researchers from the Technical University and the Fraunhofer Institute for Secure Information Technology in Darmstadt, Germany, and the results were presented Friday at the Black Hat Europe security conference in Amsterdam. It targeted applications that use Backend-as-a-Service (BaaS) frameworks from providers like Facebook-owned Parse, CloudMine or Amazon Web Services.

To read this article in full or to leave a comment, please click here

Read more: Millions of sensitive records exposed by mobile apps leaking back-end credentials

Story added 16. November 2015, content source with full text you can find at link above.