Author: Cyberthreat Blog

The “SCSB Shelbyville IL Mobile Banking” by Shelby County State Bank app 3.0.0 — aka scsb-shelbyville-il-mobile-banking/id938960224 for iOS does not verify X.509 certificates from SSL servers, which allows...

The “Peoples Bank Tulsa” by Peoples Bank – OK app 3.0.2 — aka peoples-bank-tulsa/id1074279285 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof...

The “Oritani Mobile Banking” by Oritani Bank app 3.0.0 — aka oritani-mobile-banking/id778851066 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof...

The “Community State Bank – Lamar Mobile Banking” by Community State Bank – Lamar app 3.0.3 — aka community-state-bank-lamar-mobile-banking/id1083927885 for iOS does not verify X.509 certificates...

The “PCSB BANK Mobile” by PCSB Bank app 3.0.4 — aka pcsb-bank-mobile/id1067472090 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...