Dozens of popular iOS apps leave user data vulnerable to attack<article>
<section class="page">
<p>Dozens of iOS apps that are supposed to be encrypting their users’ data don’t do it properly, according to a security researcher.</p><p>Will Strafach, CEO of Sudo Security Group, said he found 76 iOS apps that are vulnerable to an attack that can intercept protected data.</p><p>The developers of the apps have accidentally misconfigured the networking-related code so it will accept an invalid Transport Layer Security (TLS) certificate, Strafach
claimed in a Monday blog post. </p><p>TLS is used to secure an app’s communication over an internet connection. Without it, a hacker can essentially eavesdrop over a network to spy on whatever data the app sends, such as login information. </p><p class="jumpTag"><a href="/article/3166530/security/dozens-of-ios-apps-fail-to-secure-users-data-researcher-says.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
Dozens of popular iOS apps leave user data vulnerable to attack
