TweakTown

iOS contained security flaw that failed to validate SSL

Apple quietly provided iOS 7.0.6 update to fix a vulnerability issue in an SSL connection verification. Many security experts concluded that there's a major security flaw found in the OS. End users ...
Threat Post

CERT/CC Enumerates Android App SSL Validation Failures

The CERT Coordination Center at Carnegie Mellon today released a list of Android applications hosted on Google Play and Amazon that it says fail to validate SSL certificates over HTTPS. A growing ...
Threat Post

FTC Settles With Fandango, Credit Karma Over SSL Issues in Mobile Apps

The makers of Fandango and Credit Karma have settled with the Federal Trade Commission after the commission charged that they deliberately misrepresented the security of their apps and failed to ...
TWCN Tech News

This server could not prove that its security certificate is not trusted

While browsing a website on Google Chrome, if you get an error saying This server could not prove that it is <domain.com>; its security certificate is not from <ABC ...
CSOonline

Researchers propose TLS extension to detect rogue SSL certificates

A pair of security researchers have proposed an extension to the Transport Layer Security (TLS) protocol that would allow browsers to detect and block fraudulently-issued SSL certificates. Called TACK ...
CSOonline

Security analysis of mobile banking apps reveals significant weaknesses

A security analysis of mobile banking apps for iOS devices from 60 financial institutions around the world has revealed that many were vulnerable to various attacks and exposed sensitive information.