24 Jan Sky Go App Bug Puts Customer Data at Risk
Security researcher Sean Wright revealed this week that a vulnerability in the Sky Go Windows desktop application which may put customer data at risk of exposure.
Wright says the app makes several requests over plain HTTP without any encryption in place, which means information sent via these requests are not hashed or protected, leaving users susceptible to Man in the Middle (MiTM) attacks.
Wright added that some of the requests may contain potentially sensitive information which could be useful to an attacker, and it is uncertain if the bug has already been fixed.
Source: ZDNet
