Sloppy banks open the door to phishermen

A new vulnerability makes it easier for fraudsters to pass off content from bogus websites as the real thing. Using a variant of well-known cross site scripting attacks, British Web developer and security researcher Sam Greenhalgh was able to inject JavaScript from his own website into pages generated by NatWest, Mastercard and Barclays. Even the website of GCHQ, Britain's electronic eavesdropping operation, can be overlaid with bogus content [via The Register]


Popular posts from this blog

Civilisational Data Mining

The Nature of Nurture?