Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Security Flaw Leaves Major Banking Apps Vulnerable to MiTM Attacks Over SSL

A team of security researchers has discovered a critical implementation flaw in major mobile banking applications that could leave banking credentials of millions of users vulnerable to hackers.

The vulnerability was discovered by researchers of the Security and Privacy Group at the University of Birmingham, who tested hundreds of different banking apps—both iOS and Android—and found that several of them were affected by a common issue, leaving their users vulnerable to man-in-the-middle attacks.

The affected banking apps include HSBC, NatWest, Co-op, and Bank of America Health, Santander, and Allied Irish bank, which have now been updated after researchers reported them of the issue.

According to a research paper [PDF] published by researchers, vulnerable applications could allow an attacker, connected to the same network as the victim, to intercept SSL connection and retrieve the user's banking credentials, like usernames and passwords/pincodes—even if the apps are using...(continued)

View All Trending Stories