VMware acquires desktop application delivery startup CloudVolumes
Cloud and virtualization software provider VMware has acquired CloudVolumes, a startup focused on desktop application delivery.
CloudVolumes’ platform will enable VMware to build real-time application delivery tools across its end-user, datacenter and hybrid cloud platforms. CloudVolumes virtualizes application-management process above the OS, eliminating the need for virtual machine management on a per-VM basis.
More information on the acquisition and on the CloudVolumes platform can be found on VMware’s blog.
New FireEye report details Android SSL vulnerabilities
Six-hundred seventy-four of the top 1,000 apps in the Google Play Store have at least one of three main SSL encryption vulnerabilities, according to a new report from security software provider FireEye.
The report, “SSL Vulnerabilities: Who listens when Android applications talk?” analyzed Google Play’s most downloaded Android applications and found that a significant portion of them are susceptible to man-in-the-middle attacks. The Android platform’s use of the HTTPS communication protocol, secured with SSL/TLS encryption, can leave it exposed to attacks if the SSL libraries are used incorrectly.
According to the report, which analyzed approximately 10,000 Google Play Store applications for the three main SSL vulnerabilities (not checking server certificates, not verifying server hostnames, and ignoring SSL errors), more than half of the applications were found using one or more of the vulnerable practices.
The full FireEye report is available here.