During a recent mobile application security analysis for one of our clients, we identified a quite unobvious behaviour in apps that use the AFNetworking library.
It turned out that because of a logic flaw in the latest version of the library, SSL MiTM attacks are feasible in apps using AFNetworking 2.5.1.
more here..........http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html
It turned out that because of a logic flaw in the latest version of the library, SSL MiTM attacks are feasible in apps using AFNetworking 2.5.1.
more here..........http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html