#1
|
|||
|
|||
Online Banking & CSRF (Cross Site Request Forgery)
"It is rather hard to avoid these bugs and expect more of them to be found. It is best practice to log out of sites (in particular banking sites) once you no longer need the content. This will limit the attack window for the most dangerous CSRF attacks. Limited use of javascript (should I mention the NoScript extension to Firefox again?) will help as well. But ultimately, this is an issue that has to be fixed by the website."
http://isc.sans.org/diary.php?storyid=1995&rss DH |
Thread Tools | |
Display Modes | |
|
|