Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - Thieves found Citigroup site an easy entry (msn.com)

klubar writes: After logging in, theives used a simple GET replacement to switch among Citibank credit card accounts. Anyone with a simple browser sniffer (fiddler tools, and many others) can see the URL strings. This one appears to be even easier as it was in the URL string. You think that they would have checked for such a rookie mistake and put in better security. It's also interesting that it took so long to discover.

Slashdot Top Deals

"You show me an American who can keep his mouth shut and I'll eat him." -- Newspaperman from Frank Capra's _Meet_John_Doe_

Working...