iOS Archives - Page 1

AccuWeather iOS app privacy issues: Lessons & Takeaways

AccuWeather recently received a public flogging for their mobile app’s privacy practices. Read a quick summary of the incident with a few lessons on critical mobile app security best practices.

Read Now >

A security analyst’s guide to NSAppTransportSecurity, NSAllowsArbitraryLoads, and App Transport Security (ATS) exceptions

I’ve recently noticed a spike in questions from our customers — and specifically security analysts — about App Transport Security (ATS), or NSAppTransportSecurity, for iOS apps. ATS is a critical security practice for our customers in financial services and other regulated industries. A lot of ATS documentation already exists, but questions persist. A core part

Read Now >

New Mobile Risk: Decryption key published for iOS Secure Enclave Processor

A researcher published the decryption key for the iOS Secure Enclave Processor exposing a critical new risk within the iOS operating system. We’ve verified this information and explained its impact.

Read Now >

The latest in mobile app vetting technology: Announcing NowSecure Intelligence Early Access

Because organizations need visibility into the security status of public app store apps, we’ve extended the NowSecure Platform to provide “AlwaysOn” mobile app vetting for third-party mobile apps with our new NowSecure Intelligence™ product.

Read Now >

Certificate pinning for Android and iOS: Mobile man-in-the-middle attack prevention

Implementing certificate pinning in mobile apps that handle highly sensitive data provides too much benefit to be passed over. Users can be tricked into installing a malicious self-signed certificate on a mobile device, setting the stage for a man-in-the-middle attack. In those situations, certificate pinning can still prevent the interception of an app’s network traffic.

Read Now >

OWASP iOS crackme tutorial: Solved with Frida

In this post I explain step-by-step how I solved the OWASP Mobile Security Testing Guide (MSTG) Crackme Level 1 using Frida (and how I then automated it).

Read Now >

iOS

AccuWeather iOS app privacy issues: Lessons & Takeaways

A security analyst’s guide to NSAppTransportSecurity, NSAllowsArbitraryLoads, and App Transport Security (ATS) exceptions

New Mobile Risk: Decryption key published for iOS Secure Enclave Processor

The latest in mobile app vetting technology: Announcing NowSecure Intelligence Early Access

Certificate pinning for Android and iOS: Mobile man-in-the-middle attack prevention

OWASP iOS crackme tutorial: Solved with Frida

Webinars

Best Practices

Resources

Solutions

Industries

Customers

Resources

Company

Labs

Skip links

iOS

Footer

Solutions

Industries

Customers

Resources

Company

Labs