certificate validation – WindowsTechs.com

MITM Vulnerabilities Found in Mobile Banking Apps

Posted on December 7, 2017 by Lucian Constantin

A team of researchers has found issues with the validation of TLS certificates for mobile banking and other security-focused applications that could allow man-in-the-middle (MITM) attackers to decrypt their traffic. Some of the apps are from high-profi… Continue reading MITM Vulnerabilities Found in Mobile Banking Apps→

VU#403768: Akeo Consulting Rufus fails to update itself securely

Posted on August 29, 2017 by CERT

Akeo Consulting Rufus fails to securely check for and retrieve updates,which an allow an authenticated attacker to execute arbitrary code on a vulnerable system. Continue reading VU#403768: Akeo Consulting Rufus fails to update itself securely→

VU#489392: Acronis True Image fails to update itself securely

Posted on June 19, 2017 by CERT

Acronis True Image fails to securely check for and retrieve updates,which an allow an authenticated attacker to execute arbitrary code with administrator privileges. Continue reading VU#489392: Acronis True Image fails to update itself securely→

VU#846320: Samsung Magician fails to update itself securely

Posted on June 15, 2017 by CERT

Samsung Magician fails to securely check for and retrieve updates,which an allow an authenticated attacker to execute arbitrary code with administrator privileges. Continue reading VU#846320: Samsung Magician fails to update itself securely→

VU#556600: Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates

Posted on May 4, 2017 by CERT

Space Coast Credit Union SCCU Mobile for Android,version 2.1.0.1104 and earlier,and for iOS,version 2.2 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#556600: Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates→

VU#276408: Think Mutual Bank Mobile Banking App for iPhone fails to properly validate SSL certificates

Posted on May 4, 2017 by CERT

Think Mutual Bank mobile banking app for iOS,version 3.1.5 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#276408: Think Mutual Bank Mobile Banking App for iPhone fails to properly validate SSL certificates→

VU#247016: Flash Seats Mobile App for Android and iOS fails to validate SSL certificates

Posted on March 8, 2017 by CERT

Flash Seats Mobile App for Android,version 1.7.9 and earlier,and for iOS,version 1.9.51 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#247016: Flash Seats Mobile App for Android and iOS fails to validate SSL certificates→