Mobile Platform Attack Vectors
|
|-- Vulnerable Areas
|   |-- Business and Personal Use
|   |-- Internet Connectivity
|   |-- Communication Methods
|
|-- OWASP Top 10 Mobile Risks (2016)
|   |-- Improper Platform Usage
|   |-- Insecure Data Storage
|   |-- Insecure Communication
|   |-- Insecure Authentication
|   |-- Insufficient Cryptography
|   |-- Insecure Authorization
|   |-- Client Code Quality
|   |-- Code Tampering
|   |-- Reverse Engineering
|   |-- Extraneous Functionality
|
|-- Anatomy of a Mobile Attack
|   |-- Device Attacks
|   |-- Network Attacks
|   |-- Data Center/CLOUD Attacks
|
|-- Hacker Profits
|   |-- Surveillance
|   |-- Financial Exploitation
|   |-- Data Theft
|   |-- Botnet Activity
|   |-- Impersonation
|
|-- Mobile Attack Vectors and Vulnerabilities
|   |-- Mobile Malware
|   |-- Data Tampering and Loss
|
|-- Security Issues from App Stores
|   |-- Malicious Apps
|
|-- App Sandboxing Issues
|   |-- Sandboxing Vulnerabilities
|
|-- Mobile Spam
|   |-- SMS Phishing (SMiShing)
|
|-- Pairing Mode Risks
|   |-- Bluetooth and Wi-Fi Vulnerabilities
|
|-- Advanced Attacks
    |-- Agent Smith Attack
    |-- SS7 Vulnerability Exploits
    |-- Simjacker Attack
    |-- OTP Hijacking