Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

NASDAQ Vulnerable to XSS

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 16 Jan 2015 10:32:07 +0000 (UTC)
http://www.infosecnews.org/nasdaq-vulnerable-to-xss/

By William Knowles @c4i
Senior Editor
InfoSec News
January 16, 2015
Bob Greifeld, CEO of The NASDAQ Stock Market explains in a promotional video “that NASDAQ is a technology based company, those businesses that we’re in have a unifying theme that are built upon our technology.”
Top technology companies such as Google, Tesla, Amazon, and GoPro to name a few use NASDAQ as their trading exchange.
When NASDAQ “goes to a developing market and provide to them our technology, its not just the software code, its all the best practices that have been developed on a global basis that they to integrate into their operations.”
With this information in mind, it doesn’t explain why a security researcher named analfabestia was able to discover and report a new XSS (Cross-Site Scripting) vulnerability on NASDAQ.com on January 14, 2015, The sixth such vulnerability in nearly seven years. 

[...]


--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: