Corporate Identity Theft - Perhaps the biggest risk is where you least expect it...
Update(s): 18/Dec/2012 - One SSL bug now fixed (might want to put security testing out to tender next time!) - but still a few to go. Directory traversal still possible... hint encode/escape or strip, don't add slashes! Significant improvements have been made to the SSL implementation
MyDish.co.uk Security - Missing a vital ingredient?
Update as of 15/03/13: I have received a number of emails asking for further comments on the situation @ MyDish. I firmly believe that every effort is being made to rectify the issues I've identified - and the insinuation that Carol or the team at MyDish have ignored the
CashPlus: "It is secure" - Ooooh no it isn't.
As part of a wider research project, I joined CashPlus in June (18th to be precise), which is purportedly... better than a business bank account So I paid the £29.99 annual membership fee and waited for the card to arrive. Less than a week later, the card arrived and