Web-apps pose security risk – watch your back

Web-apps gained some considerable steam in the early days of the iPhone’s application development (we’re using the term application quite loosely here). It was becoming quite evident that anyone and everyone could easily build-out a web-app – and that’s where the potential security risk exists (iPhone owners should be all that more grateful for all the native iPhone apps already out there and in development).

A new security report from Fortify Software outlines just how hackers can exploit web-apps to wreak havoc on your device – Security Web Applications Under Attack: Four Eye-Opening Findings. Among the more scary of security risks is the potential for direct attacks and “bot storming.” Hackers can use automated bots to seek out and exploit vulnerabilities in the web-app’s components to deliver malicious code. Direct attacks can be carried out by an individual on a specific target – SQL injection, cross-site scripting, and buffer overflow attacks. These types of attacks are more severe, but since direct human action is necessary, they’re more rare.

The study was conducted over a six month period and monitored the attack patterns on live web-app sites. It looks like we should all be considering sticking to our natively installed applications. If you got to use a web-app, use with caution.

Find the report here. (Warning: registration required)

[Via: InfoWorld]