Threat Post

Renewed Attention on Android Apps Failing SSL Validation

CERT researcher Will Dormann presented an update on his research looking at Android apps that fail to validate SSL; Google meanwhile, says it will get stricter with enforcement. SAN FRANCISCO – ...
Threat Post

Researcher Says LG App Update Mechanism Doesn’t Verify SSL Cert

Many smartphones manufactured by LG contain a vulnerability that can allow an attacker to replace an APK file with a malicious file of his choice. The problem is the result of several conditions on LG ...