When you go to a security conference, and its mobile app leaks your data
RSA Conference attendee contact data extracted using hard-coded API data.
A mobile application built by a third party for the RSA security conference in San Francisco this week was found to have a few security issues of its own—including hard-coded security keys and passwords that allowed a researcher to extract the conference’s attendee list. The conference organizers acknowledged the vulnerability on Twitter, but they say that only the first and last names of 114 attendees were exposed. ..Read More..