An attacker can exploit iOS WebViews to make automatic calls to an attacker-controlled phone number OR FaceTime address. Our research has found that FaceTime URL (facetime://) handlers are frequently overlooked in iOS applications. The oversight allows an attacker to potentially capture a video or snapshot of the affected user by directing them to a webpage from within a vulnerable WebView.
Security analysts typically rely on their development team to export an .ipa file for security testing iOS apps. This post provides step-by-step instructions for using Xcode to export an app for security testing purposes.
If you’ve ever tried to compile DVIA for iOS 10 and Xcode 8, you probably ran into some challenges. This article teaches you step-by-step how to compile DVIA for mobile app security testing.
Customers use Lab Workstation to significantly reduce the time and effort required to perform static and dynamic application security testing of Android and iOS apps.
Insecure mobile apps put enterprises and their customers, employees, contractors, and partners at risk. Application security teams perform a critical business function by identifying security flaws in mobile apps before they go to market and expose sensitive data or threaten the integrity of mobile devices. Teams want to create a consistent process for mobile, avoid