Mobile phones and tablets have made their way into every part of our lives both personally and professionally. Work phones given to employees are not just used for official purposes, but also used for entertainment, social networking, and online shopping. The functions are endless. But companies forget to secure these mobile devices/tablets. Not all websites are secure, in fact, some of the biggest sites in the world can still have major security flaws that can put your data at risk.
And that is exactly what happened. We are always on the lookout for security issues so we can help companies minimize their financial losses. We recently discovered a security issue with the German news site, www.bild.de. This site gets approximately 200 million visits per month and is one of the most visited sites in the world!
So, what was the security issue?
The website contained some misconfigured security settings which resulted in 3DES being used on multiple pages, including the user login page which puts iPhone users at risk. The readers’ connection was encrypted using outdated technology putting them at risk of a man-in-the-middle attack.
Why is this dangerous?
We’ve all been warned to watch for the padlock in your web browser as that meant you were visiting a secure site. In reality, not all padlocks are created equally. Websites with a padlock may still be using outdated cipher suites (like Bild) allowing your password and other sensitive data to be stolen.
Even with the latest flagship phones and software updates, your device is still vulnerable. A mobile/tablet needs network protection to prevent potential man-in-the-middle attacks. Corrata instantly detects and blocks risky resources. The bild.de login page was automatically blocked by our software, which led to our discovery of this major security misconfiguration. We reported this issue to Bild.de and they are resolving it.
No business has the capability to individually monitor every website visited by their employees, that’s why Corrata is the perfect solution for you. We constantly protect your devices from threats your employees encounter every day without even knowing it! Don’t just take our word for it, take the word of one of our clients, a leading bank in Europe (Ulster Bank).