Author: Cyberthreat Blog

The “PCSB BANK Mobile” by PCSB Bank app 3.0.4 — aka pcsb-bank-mobile/id1067472090 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...

The “FSBY Mobile Banking” by First State Bank of Yoakum TX app 3.0.0 — aka fsby-mobile-banking/id899136434 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers...

The “Morton Credit Union Mobile Banking” by Morton Credit Union app 3.0.1 — aka morton-credit-union-mobile-banking/id1119623070 for iOS does not verify X.509 certificates from SSL servers, which allows...

The “SVB Mobile” by Sauk Valley Bank Mobile Banking app 3.0.0 — aka svb-mobile/id796429885 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers...

KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through...