Some thoughts on Mobile App Security - is it FUD?

Channel:
United States LiveOverflow
Subscribers:
921,000
Published on ● Video Link: https://www.youtube.com/watch?v=PNuAzR_ZCbo


Duration: 26:54
53,436 views
2,038

Is lack of certificate pinning a severe vulnerability? Is this just fearmongering done for fame? Or is it a valid security issue? In this video I lay out my opinion about it and I'm looking for your input.

link to reddit thread: https://www.reddit.com/r/LiveOverflow/comments/7ijj3g/some_thoughts_on_mobile_app_security_is_it_fud/

https://media.ccc.de/v/33c3-7969-shut_up_and_take_my_money
https://www1.cs.fau.de/content/n26
https://www1.cs.fau.de/nomorp
http://www.sueddeutsche.de/digital/exklusiv-online-banking-apps-sind-anfaellig-fuer-hacker-1.3762624

-=[ 🔴 Stuff I use ]=-

→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb

US Store Front:* https://www.amazon.com/shop/liveoverflow

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#SecurityResearch #MobileSecurity



Other Videos By LiveOverflow


2018-02-10MMORPG Bot part 2 - Some thoughts on the data
2018-02-09MMORPG Bot Reverse Engineering and Tracking
2018-02-02heap0 exploit speedrun & weird ASCII string on the Heap - bin 0x28
2018-01-26Let’s play a game: what is the deadly bug here?
2018-01-19TROOPERS 17 Badge ft. BadgeWizard
2018-01-12Identifying UART and main() in an AVR firmware (ft. Zeta Two) part 1 - rhme2
2018-01-05Regular expression as Finite-state machine - Short
2017-12-29TROOPERS 17 - PacketWars solved with an iPhone
2017-12-22Searching for Bitcoins in GitHub repositories with Google BigQuery
2017-12-15Adapting the 32bit exploit to 64bit for format4 - bin 0x27
2017-12-08Some thoughts on Mobile App Security - is it FUD?
2017-12-01format2 on a modern Ubuntu - bin 0x26
2017-11-27Looking for Feedback - Link to Survey in the Description
2017-11-24Stack grooming and 100% reliable exploit for format0 - bin 0x25
2017-11-17Playing around with a Format String vulnerability and ASLR. format0 - bin 0x24
2017-11-10RTMP Heap Overflow CVE-2016-10191 - Exploiting FFmpeg ft. Paul Cher
2017-11-04Analysis of CVE-2016-10190 - Exploiting FFmpeg ft. Paul Cher
2017-10-27First look at a simple PoC crash - Exploiting FFmpeg ft. Paul Cher
2017-10-20Play CTF! A Great Way to Learn Hacking - Fsec 2017
2017-10-17KRACK - Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
2017-10-13Using z3 to find a password and reverse obfuscated JavaScript - Fsec2017 CTF


Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
mobile app security
appsec
android
ios
android security
fud
fear uncertainty doubt
vincent haupert
n26
number26
banking apps
mobile banking app
banking app security
bank hacking
dns hijack
ssl mitm
tls mitm
man in the middle