Description: Tony Trummer and Tushar Dalvi (Linkedin) discussed how prevalent SSL certificate validation failures are in very popular applications: "The presentation shows how some popular applications failed to encrypt traffic at all resulting in the leakage of tens of millions of users' data. The talk covers recent U.S. Government penalties that companies who fail to protect data may be subject to. A new attack is being discussed, that is particular applicable to mobile and especially on the Android platform, which potentially allows for a persistent MitM attack that is undetectable on the device itself. Lastly, the talk addresses how organizations can implement a fool-proof method to protect themselves against this mistake."
For More Information Please Visit:- https://www.deepsec.net/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.