24 November 2014

Please Engage Brain

Archive for: June, 2011
Keith Appleyardavailable for hire - Bromley

Citi demonstrates lack of good Security practice - ditto BBC

16 June 2011  |  5238 views  |  1  |  Recommends 0

As reported, this greatly surprises me - apparently placing the Credit Card number within the URL, and thus by changing the URL exposes other Credit Card details within having to go through the Access Validation routine. On the one hand you'd assume the system designers didn't 'actually' specify it to be this way, but that the programmer didn't ask...

TagsCardsSecurityGroupWhatever...
Previous 1 Next
 
1,306
Active bloggers
24,807
Members
8,261
Posts
11,527
Comments

Top bloggers: 30 days

Most viewed Engaging
Robert Siciliano

Security analyst, published author, tele...

Karl Rieder

Executive Consultant, with extensive IT ...

Asif Faruque

I am a reporter at Finextra.

Marcelo Delima

Marcelo is Vice President of Marketing f...

Who is commenting on these posts

Paul Schaus
Ketharaman Swaminathan
Cliff Patterson
Neil Vernon
Scott Mills
Dieter Van der Stock
Bjorn Soland
Dean Wallace
Francis Hellawell
Keril Lindkin
Máté Eizenberger
João Bohner