Threat Post

Mozilla Patching Firefox Certificate Pinning Vulnerability

Mozilla is expected tomorrow to patch a critical certificate pinning vulnerability in Firefox’s automated update process for extensions. Mozilla is expected tomorrow to patch a critical vulnerability ...
ZDNet

Man-in-the-middle flaw left smartphone banking apps vulnerable

A vulnerability in the mobile apps of major banks could have allowed attackers to steal customers' credentials including usernames, passwords, and pin codes, according to researchers. The flaw was ...
Infosecurity-magazine.com

Putting TLS Pinning in Your Mobile Apps

For mobile applications, Transport Layer Security (TLS) certificate pinning goes a long way toward building security into an app and enhancing user and data privacy. The successor protocol to Secure ...
Business Wire

Approov Introduces Free Tool to Help Thwart Mobile App API Man-in-the-Middle Attacks

SAN JOSE, Calif. & EDINBURGH, Scotland--(BUSINESS WIRE)--Approov, creators of advanced API threat protection solutions, today introduced the Mobile Certificate Pinning Generator, a free tool to help ...
Threat Post

Microsoft EMET 4.0 Enables Certificate Pinning to Defeat MITM Attacks

Microsoft later this month will release a new version of its EMET protection tool, and this iteration will include a certificate pinning feature that will enable users to associate a specific ...
ZDNet

Facebook rolls out 'Whitehat Settings' to help bug hunters analyze traffic in its mobile apps

Facebook made a significant concession to vulnerability researchers last week by adding a special setting to Facebook accounts to accommodate whitehat security research. The new option, named ...
PC World

Firefox adds protection against rogue SSL certificates

Mozilla has added a defense in its latest version of Firefox that would help prevent hackers from intercepting data intended for major online services. The feature, known as certificate key pinning, ...