Information Security News mailing list archives
NASDAQ Vulnerable to XSS
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 16 Jan 2015 10:32:07 +0000 (UTC)
http://www.infosecnews.org/nasdaq-vulnerable-to-xss/ By William Knowles @c4i Senior Editor InfoSec News January 16, 2015Bob Greifeld, CEO of The NASDAQ Stock Market explains in a promotional video “that NASDAQ is a technology based company, those businesses that we’re in have a unifying theme that are built upon our technology.”
Top technology companies such as Google, Tesla, Amazon, and GoPro to name a few use NASDAQ as their trading exchange.
When NASDAQ “goes to a developing market and provide to them our technology, its not just the software code, its all the best practices that have been developed on a global basis that they to integrate into their operations.”
With this information in mind, it doesn’t explain why a security researcher named analfabestia was able to discover and report a new XSS (Cross-Site Scripting) vulnerability on NASDAQ.com on January 14, 2015, The sixth such vulnerability in nearly seven years.
[...]
-- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- NASDAQ Vulnerable to XSS InfoSec News (Jan 16)