28 March 2015

Please Engage Brain

Archive for: June, 2011
Keith Appleyardavailable for hire - Bromley

Citi demonstrates lack of good Security practice - ditto BBC

16 June 2011  |  5369 views  |  1  |  Recommends 0

As reported, this greatly surprises me - apparently placing the Credit Card number within the URL, and thus by changing the URL exposes other Credit Card details within having to go through the Access Validation routine. On the one hand you'd assume the system designers didn't 'actually' specify it to be this way, but that the programmer didn't ask...

TagsCardsSecurityGroupWhatever...
Previous 1 Next
24,833
Members
12,352
Comments
8,648
Posts
 
1,177
Active bloggers

Top bloggers: 30 days

Most viewed Engaging
Robert Siciliano

Security analyst, published author, tele...

Charmaine Oak

Shift Thought is a UK-based consultancy...

Jes Breslaw

http://www.delphix.com

Abhishek Chatterjee

Practice Director- Digital Services, EME...

Dan Glessner

Dan leads marketing for Quisk, Inc., a S...

Who is commenting on these posts

Bjorn Soland
Charmaine Oak
Abhishek Chatterjee
Ketharaman Swaminathan
ANJUL SHARMA
Laurence Leyden
KEVIN SMITH
Samarth Bhardwaj
Aditya Gupta
Jamuna Ravi
Tony Wenzel
Jozsef Czimer