1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Black Hat security conference trims insecure features from its mobile app

Discussion in 'CSO' started by RSS, Aug 1, 2016.

  1. RSS

    RSS New Member Member

    Black Hat has disabled features of its mobile application because attackers could have logged in as legitimate attendees, posted messages in their names and spied on the messages they sent.

    The problem was discovered by mobile security vendor Lookout who detail the problem in a blog that says the method of registration and password resets were flawed.

    “[W]e've removed user-to-user messaging functionality and activity feed updates out of an abundance of caution,” a spokesperson for the conference organizer UBM said in an email.

    [ ALSO ON CSO: Black Hat: 9 free security tools for defense & attacking ]

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page