Monday, July 28, 2008

76% of US Banking websites insecure

I came across a study today, written by Laura Falk, Atul Prakash and Kevin Borders from the University of Michigan, which explains that, of the 214 US banking sites reviewed, 76% have security holes.

The report focuses on security issues that have occurred because of poor design decisions in the development of the banking sites. I like this approach because it demonstrates that security compromises don't just occur through obscure or fancy attacks.

Some of the issues highlighted are things that I would suggest are obvious design flaws, such as beginning a logon session from an HTTP page.

I would suggest that anyone with an interest in secure web application development should have a read of this report. My article in the next edition of Insecure Magazine will give you tips on how to avoid these types of design issues.

Dave
