Paul Moore
Information Security Consultant
Home
Twitter
LinkedIn
Email Me
xsrf
Companies House Security Review - Part 2
Update(s): 18/Dec/2012 - One SSL bug now fixed (might want to put security testing out to tender next time!) - but still a few to go. Directory traversal still possible... hint encode/escape or strip, don't add slashes! Significant improvements have been made to the SSL implementation
MyDish.co.uk Security - Missing a vital ingredient?
Update as of 15/03/13: I have received a number of emails asking for further comments on the situation @ MyDish. I firmly believe that every effort is being made to rectify the issues I've identified - and the insinuation that Carol or the team at MyDish have ignored the
Identity theft & payment fraud? That's ASDA price.
Back in March 2014, I contacted ASDA to report several security vulnerabilities and despite a fix promised "in the next few weeks", little appears to have changed. @Stuho1mez All of our sites are secure, I would advise using Chrome. Thanks, Beth — Asda Service Team (@AsdaServiceTeam) January 14,
Contact Me
Have a question? Want me to review a product?
Contact us