Abstract

Organizations are all so anxious to reach their “mobile moment”, but are failing miserably at securing the mobile application traffic, in a variety of ways.

We will review some of the common pitfalls with mobile application traffic encryption, how to test for vulnerabilities and a fool-proof method on how to prevent your organization from falling victim to these all too common errors.

We will also be presenting a novel SSL/TLS attack, which could be used for a semi-permanent, nearly undetectable MitM attacks.