The FBI just released a new Alert # I-061020-PSA, warning the public that as they increase the use of mobile banking applications (partly due to the increased forced time at home from the COVID-19 restrictions), they should expect more exploit attempts by cyber actors. Americans have been increasingly using their mobile devices to conduct banking activities, including cashing checks and transferring funds. It’s estimated that more than 75 percent of Americans used mobile banking during 2019. And that since 2020 began there’s been an increase of 50% in usage of mobile banking. With this increase, the FBI expects cyber actors to attempt to exploit new mobile banking customers using a variety of exploit techniques.
While most of the FBI’s recommendations for staying safe revolve around making sure you don’t download fake apps, and to keep your banking passwords secure by choosing hard to guess passwords and using multi-factor authentication, financial institutions should also think about bolstering their application security around their banking applications.
We know from the findings of the newest Verizon Data Breach Incident Report that attacks on web applications have doubled in the last year. The latest studies from Forrester’s newest edition of The State of Application Security, tell us that applications are more vulnerable than ever.
Reports like these should be a good reminder for enterprises that it’s time to beef up your application security.
K2 offers a next generation application workload security platform. K2’s application security monitors the application and has a deep understanding of an application’s control flows, DNA and execution. By validating the application’s control flows, deterministic security is based on the application itself, rather than relying on past attacks to determine a zero day attack. Deterministic security results in the detection of sophisticated zero day attacks and also protects from application from the risks listed in the OWASP Top Ten.
K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution. K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application. To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.
Change how you develop and protect your applications.