funsec mailing list archives

Re: Citibank hacked by URL fuzzing?

From: "Brance Amussen" <brance () jhu edu>
Date: Wed, 15 Jun 2011 14:55:41 -0400

Exactly, seriously... 
Well, they could've put the pin in with the account #... 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Valdis.Kletnieks () vt edu
Sent: Wednesday, June 15, 2011 2:10 PM
To: James Triplett
Cc: funsec () linuxbox org
Subject: Re: [funsec] Citibank hacked by URL fuzzing?

On Wed, 15 Jun 2011 14:00:30 EDT, James Triplett said:

Could this be disinformation?  Maybe the real vulnerability was even 
stupider


OK... I'll bite. What could be stupider?  C'mon guys - what's the dumbest
thing they could have done? ;)


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: Citibank hacked by URL fuzzing?, (continued)
- - - Re: Citibank hacked by URL fuzzing? Peter Kosinar (Jun 14)
    - Re: Citibank hacked by URL fuzzing? RL Vaughn (Jun 14)
- Re: Citibank hacked by URL fuzzing? Peter Kosinar (Jun 14)
- Re: Citibank hacked by URL fuzzing? Drsolly (Jun 15)
  - Re: Citibank hacked by URL fuzzing? security curmudgeon (Jun 15)
    - Re: Citibank hacked by URL fuzzing? Drsolly (Jun 15)
    - Re: Citibank hacked by URL fuzzing? Larry Seltzer (Jun 15)
    - Re: Citibank hacked by URL fuzzing? Nick FitzGerald (Jun 15)
  - Re: Citibank hacked by URL fuzzing? James Triplett (Jun 15)
    - Re: Citibank hacked by URL fuzzing? Valdis . Kletnieks (Jun 15)
    - Re: Citibank hacked by URL fuzzing? Brance Amussen (Jun 15)
  - Re: Citibank hacked by URL fuzzing? Jeffrey Walton (Jun 15)
    - Re: Citibank hacked by URL fuzzing? Valdis . Kletnieks (Jun 15)