#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

android app permission manager | Breaking Cybersecurity News | The Hacker News

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

From Now On, Only Default Android Apps Can Access Call Log and SMS Data
Oct 09, 2018
A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident. Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app. The changes are part of Google's Project Strobe —a "root-and-branch" review of third-party developers access to Google account and Android device data and of its idea around apps' data access. Restricted Call Log and SMS Permissions for Apps Google announced some new changes to the way permissions are approved for Android apps to prevent abuse and potential leakage of sensitive call and text log data by third-party developers. While the apps are only supposed to request permission those are required for functioning properly, any Android app can ask permission to access y

How to Manage Android App Permissions to Protect Your Privacy

How to Manage Android App Permissions to Protect Your Privacy
Jun 22, 2015
Do you actually read the list of permissions that Android apps are asking for before you install them? I know most of us treat those permissions like terms and conditions, blindly tapping our way through. But if you actually do, you would be aware of their reach. Some of your apps can make phone calls Some can track your location Some can read your browsing history, contacts, SMS, photos, calendar And… Even share this personal information with third parties without your knowledge. But, do they need all those permissions? No doubt, Google's Android mobile operating system has a powerful app permission system that forces app developers to mention the exact permissions they require. But, there is one major issue for Android users: By default, it is a Take-it-or-Leave-it situation, which means you can choose to install the app, granting all those permissions or simply, not install it. It appears like every app developer wants access to much of my phon

SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework
Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources