jueves, 22 de diciembre de 2016

Insecure Cordova Banking App


This time i be exposes to: Davivienda Móvil, BANCO DAVIVIENDA S.A.

Which it has a number of serious security problems:

1-Insufficient Transport Layer Protection
2-Lack of Binary Protections
3-Insecure Local Storage
4-Broken Cryptography


This application allows cloning of credentials via VM Injection attacks, the company responsible for developing the app was "Todo1", too detect an insecure library developed by "Easy Solutions".

Details: BANCO DAVIVIENDA S.A.

GitHub: ExposingIndustryMediocrity

No hay comentarios:

Publicar un comentario en la entrada