Author: Cyberthreat Blog

The “Your Legacy Federal Credit Union Mobile Banking” by Your Legacy Federal Credit Union app 3.0.1 — aka your-legacy-federal-credit-union-mobile-banking/id919131389 for iOS does not verify X.509 certificates...

The “Fountain Trust Mobile Banking” by FOUNTAIN TRUST COMPANY app 3.0.0 — aka fountain-trust-mobile-banking/id891343006 for iOS does not verify X.509 certificates from SSL servers, which allows...

The “PCB Mobile” by Phelps County Bank app 3.0.2 — aka pcb-mobile/id436891295 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain...

The “Blue Ridge Bank and Trust Co. Mobile Banking” by Blue Ridge Bank and Trust Co. app 3.0.1 — aka blue-ridge-bank-and-trust-co-mobile-banking/id699679197 for iOS does not verify X.509 certificates from SSL...

The “State Bank of Waterloo Mobile Banking” by State Bank of Waterloo app 3.0.2 — aka state-bank-of-waterloo-mobile-banking/id555321714 for iOS does not verify X.509 certificates from SSL servers, which allows...