Don Duncan, Director at NuData, comments on a report issued yesterday by SC Media disclosing that 75 percent of online banking systems contained cross-site scripting flaws, 69 percent lacked protection from data interception, 63 percent had insufficient authorisation, 50 percent were vulnerable to sensitive data disclosure.
While fewer critical vulnerabilities is good news, this doesn’t mean customer accounts are protected. All the exposed data – due to the endless breaches – makes it easier to find working username and password combinations. Today, a fraudster doesn’t need to break a system to access sensitive data. Most of the attacks’ objective is to reach sensitive data they can profit from. Bad actors can easily get their hands on the customer data that breaches make available.
For the complete article, go here.