The Latest in IT Security

Security Vulnerabilities in Certificate Pinning

08
Dec
2017

the_open_gate_-_geograph-org-uk_-_1484751

New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks.

Related posts:
  1. Gmail for iOS Poses Man-in-the-Middle Attack Risk
  2. Fraudulent Google.com Certificate Causes Worries
  3. Google Gmail App for iOS Doesn’t Perform Certificate Pinning: Researchers
  4. Firefox 32 Brings Security Fixes, Public Key Pinning
  5. Microsoft blacklists fraudulently issued SSL certificate

Read More

Tags:  
Written by Schneier
0 Comments

Leave a reply


Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments