News

|

Feeds

|

Email

DUBLIN, May 17, 2022 /PRNewswire/ -- Mobile threat defense solution provider, Corrata, today announced the discovery of poor encryption practices on a number of major websites including Irish telecoms company Eir and German newspaper Bild. In line with its responsible disclosure practice, Corrata contacted the owners of the websites concerned and the weaknesses have now been remedied. However it is likely that other websites contain similar vulnerabilities and Corrata urges website owners to make sure that their encryption is in line with industry best practice.

Today the vast majority of websites use encryption to ensure that sensitive data exchanges between users and the website remain confidential. This confidentiality depends on the use of an internet protocol known as Transport Layer Security (TLS). HTTPS is the implementation of TLS used when browsing websites. Its use is usually signalled by the appearance of the lock symbol at the top left hand corner of the browser address bar.

However not all website implementations of https are equally secure. Some websites use out of date versions of the protocol which are known to be vulnerable to hacking. This is particularly risky when using Wifi networks because the traffic passing between a mobile phone and a Wifi access point can easily be spied upon. Internet users rely on the fact that sensitive data is transmitted in encrypted form to combat such spying. However where weak encryption is used it will fail to protect sensitive data such as passwords, financial information and other confidential data.

The specific weakness discovered by Corrata related to a misconfiguration of the sites' web servers to favor an old insecure cipher called RC4 when accessed using iOS devices (iPhones and iPads). Vulnerabilities in this cipher make it vulnerable to hacking and website owners have been strongly advised not to use it for at least ten years. Devices with Corrata's mobile threat defense solution installed automatically detect these flaws and prevent users' data being stolen. It is these routine checks which brought the vulnerability to light.

About Corrata

Corrata are global leaders in mobile security for organisations of all sizes. Headquartered in Dublin, Ireland, they currently work with leading businesses across Europe and North America to provide complete protection against phishing, malware, man-in-the-middle attacks and data loss on smartphones and tablets without the complexity found in competing solutions. Corrata's mobile endpoint security solution operates discreetly and locally on a user's mobile phone or tablet, with no interruption of device performance and without compromising employee privacy or user experience.

View original content:https://www.prnewswire.com/news-releases/mobile-security-specialist-corrata-discovers-weak-encryption-on-major-websites-when-accessed-using-ios-devices-301548823.html

SOURCE Corrata

Email

|

Slashdot

|

Digg

|

Del.icio.us

|

Feeds

RELATED NEWS ARTICLES

Identiv Completes Thailand Manufacturing Transition, Unlocking Next-Generation Multicomponent Manufacturing for Advanced IoT Solutions | Jan 22, 2026 New Report Names States Most Vulnerable to Holiday Scams | Jan 22, 2026 Android Mobile Adware Surges in Second Half of 2025 | Jan 22, 2026 Breakthrough Progress: METiS TechBio Publishes Consecutive Research Findings in Nature Communications and the Journal for ImmunoTherapy of Cancer | Jan 22, 2026 Truvista Fiber Acquires SlyTel | Jan 22, 2026 Healthcare Industry Executives are Likely to be Personal Targets of Cybercrime | Jan 22, 2026 LG ELECTRONICS INTRODUCES 2026 LG GRAM LINEUP ELEVATED BY AEROMINUM | Jan 22, 2026 Global Cyber Alliance Identifies Five Cybersecurity Forces That Defined 2025 - And Will Shape 2026 | Jan 22, 2026 pgEdge Announces pgEdge Agentic AI Toolkit for Postgres | Jan 22, 2026 Guardz 2025 SMB Cybersecurity Report: Nearly 50% of U.S. Small Businesses Have Been Hit by Cyber Attack | Jan 22, 2026