If you have an android device and use Dropbox, you should be aware of a new vulnerability that allows cyber criminals to harvest data from your device.
Dropbox has stated that this vulnerability only impacts new files being saved into the users Dropbox via a vulnerable app that has not updated or been patched by the end user.
Microsoft has also their apps in the Google Play store to address this vulnerability.
The new vulnerability has been found by an IBM research team and called “DroppedIn”. This threat allows cyber criminals to connect to a smart android device to a Dropbox account controlled by the cybercriminal and extract data.
The IBM research team has rated the vulnerability as “severe” as the app uses the SDK in Microsoft Office Mobile which hosts over 35 billion files on Dropbox. The vulnerability can be exploited using a malicious app installed on the user’s device or remotely using drive-by techniques.
Good news is that Dropbox has updated its Android SDK and urging users to update their software.
365 iT SOLUTIONS is a leading managed services provider (MSP) in Toronto offering a wide variety of industry leading IT consulting services including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.
Take advantage of our Complimentary Network and Security Assessment by 365 iT SOLUTIONS
Making I.T. Simple!