Sky Go app security failure exposes customers to snooping, data theft

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
A vulnerability in the Sky Go Windows desktop application which leaks session data including usernames has been disclosed by a researcher.
According to application security expert Sean Wright, the security flaw, CVE-2018-18908, relates to the transfer of data in plain text.

The desktop application performs several requests over plain HTTP. Without any form of encryption in place, any information sent via these requests is not hashed or protected, leaving users open to attack.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top