xss

"Your financial protection is our priority and we take this very seriously" "Our service actively protects both your identity and your finances." "We take every step possible to keep your finances and personal details safe." Confident statements; so you'd be forgiven for having equal confidence in their abilities to protect

Update(s): 18/Dec/2012 - One SSL bug now fixed (might want to put security testing out to tender next time!) - but still a few to go.  Directory traversal still possible... hint encode/escape or strip, don't add slashes!  Significant improvements have been made to the SSL implementation

Update(s): 18/Dec/2012 - One SSL bug now fixed (might want to put security testing out to tender next time!) - but still a few to go.  Directory traversal still possible... hint encode/escape or strip, don't add slashes!  Significant improvements have been made to the SSL implementation

Update as of 15/03/13: I have received a number of emails asking for further comments on the situation @ MyDish. I firmly believe that every effort is being made to rectify the issues I've identified - and the insinuation that Carol or the team at MyDish have ignored the

Back in March 2014, I contacted ASDA to report several security vulnerabilities and despite a fix promised "in the next few weeks", little appears to have changed. @Stuho1mez All of our sites are secure, I would advise using Chrome. Thanks, Beth — Asda Service Team (@AsdaServiceTeam) January 14,

Ever since publishing a "two factor authentication vs two step verification" article in 2014, I've been waiting for an opportunity to irrefutably demonstrate the difference. Note: This article is very much a "work in progress" as until both exploits are patched, I can't provide any technical

Private, secure & trusted... or is it?

3 attempts, 3 complete failures. Incredibly, cyberAlarm is now even worse than before.