Sloppy banks open the door to phishermen

A new vulnerability makes it easier for fraudsters to pass off content from bogus websites as the real thing. Using a variant of well-known cross site scripting attacks, British Web developer and security researcher Sam Greenhalgh was able to inject JavaScript from his own website into pages generated by NatWest, Mastercard and Barclays. Even the website of GCHQ, Britain's electronic eavesdropping operation, can be overlaid with bogus content [via The Register]

Comments

Popular posts from this blog

The Nature of Nurture?

A Short Guide to Collecting your Iranian Travel Visa in London

Nothing New Here Folks