MITM Vulnerabilities Found in Mobile Banking Apps

A team of researchers has found issues with the validation of TLS certificates for mobile banking and other security-focused applications that could allow man-in-the-middle (MITM) attackers to decrypt their traffic. Some of the apps are from high-profi… Continue reading MITM Vulnerabilities Found in Mobile Banking Apps

VU#556600: Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates

Space Coast Credit Union SCCU Mobile for Android,version 2.1.0.1104 and earlier,and for iOS,version 2.2 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#556600: Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates

VU#276408: Think Mutual Bank Mobile Banking App for iPhone fails to properly validate SSL certificates

Think Mutual Bank mobile banking app for iOS,version 3.1.5 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#276408: Think Mutual Bank Mobile Banking App for iPhone fails to properly validate SSL certificates

VU#247016: Flash Seats Mobile App for Android and iOS fails to validate SSL certificates

Flash Seats Mobile App for Android,version 1.7.9 and earlier,and for iOS,version 1.9.51 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#247016: Flash Seats Mobile App for Android and iOS fails to validate SSL certificates