Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Over 25,000 iOS apps affected by bug breaking HTTPS

Over 25,000 iOS apps affected by bug breaking HTTPS

2015/04/25

Softpedia - (International) Security researchers at SourceDNA discovered a vulnerability in version 2.5.3 of the AFNetworking library for Apple iOS and OS X products in which attackers could carry out man-in-the-middle (MitM) attacks and access encrypted information by exploiting the library's failure to check the domain name secure sockets layer (SSL) certificates were issued for. More than 25,000 apps are affected by the flaw.

Source: http://news.softpedia.com/news/Over-25-000-iOS-Apps-Affected-by-Bug-Breaking-HTTPS-479351.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:11