Researchers Find SSL Problems in WhatsApp
Security researchers at Praetorian, who have been running a project known as Project Neptune to assess the security of mobile apps, did a limited assessment of the iOS and Android versions of WhatsApp and discovered a number of issues around the way the app uses SSL.
“Within minutes, Project Neptune picked up on several SSL-related security issues affecting the confidentiality of WhatsApp user data that passes in transit to back-end servers. This is the kind of stuff the NSA would love. It basically allows them—or an attacker—to man-in-the-middle the connection and then downgrade the encryption so they can break it and sniff the traffic. These security issues put WhatsApp user information and communications at risk,” Paul Jauregui of Praetorian wrote in an explanation of their test.
As a collective of highly technical engineers and developers offering deep security expertise, Praetorian solves the toughest challenges faced by today’s leading organizations across an ever-evolving digital threat landscape. Our solutions enable clients to find, fix, stop, and ultimately solve cybersecurity problems across their entire enterprise and product portfolios. As trusted advisors, Praetorian helps organizations minimize overall information security risk across digital assets so they can focus on what's important—their core business.
Guided by its “customer first” principles, Praetorian’s reputation for delivering value to the customer has resulted in a three-year growth rate of 214%. Its growing team has been nationally recognized by the Inc. 5000 list of America’s fastest-growing companies for three consecutive years, CIO Top 20, Cybersecurity 500 list of top cybersecurity companies, and Austin’s “Fast 50” growing firms.follow us on:
Facebook facebook.com/praetorianlabsFor more information: