WebApp Sec mailing list archives
RE: Internet based banking applications security
From: "Griffiths, Ian" <Ian.Griffiths () liv-coll ac uk>
Date: Wed, 12 May 2004 09:31:55 +0100
I'd guess that a major issue at the moment is users being fooled in to entering their details in to a nefarious web application which looks authentic but of course is not. I'm not sure if discussion of this would be beyond the scope of the list. Ian -----Original Message----- From: Amit Sharma [mailto:amit.sharma () linuxwaves com] Sent: Wed 12/05/2004 03:39 To: webappsec () securityfocus com Cc: Subject: Internet based banking applications security Hi List, I have been auditing a local Internet Bank's website in my area for a while now. OWASP and this mailing list provides excellant resource for looking at web apps security from a technical perspective; SQL injections, cross-site issues and like wise. However, am sure there are domain specific security issues including social engineering, audit trail ones, outsourcing control requirements etc, into core of these web applications and developing an insight would improve security tremendously. Typical applications that now have web front end include balance inquiry, funds transfer, bill payment, transaction information, loan application. Any directions will be welkome. Gracias, Amit
Current thread:
- Internet based banking applications security Amit Sharma (May 11)
- <Possible follow-ups>
- RE: Internet based banking applications security Griffiths, Ian (May 12)
- Phishing Rogan Dawes (May 12)
- Re: Phishing Jordan Dimov (May 12)
- RE: Phishing Mark Curphey (May 12)
- Re: Phishing Glenn and Mary Everhart (May 12)
- Re: Phishing Antonio Varni (May 12)
- Phishing Rogan Dawes (May 12)