Five months after Ameriprise Financial fixed a bug that could have helped
criminals steal user authentication credentials, the financial giant’s website
is vulnerable again.

The flaw looks almost identical to one The Register reported in August. It
allows attackers to inject malicious code into official Ameriprise webpages that
steals user cookies. Websites often use such files to authenticate users before
giving them access to restricted content or services.


Оставить мнение

Check Also

WTF is APT? Продвинутые атаки, хитрости и методы защиты

Наверняка ты уже читал о масштабных сетевых атаках, от которых пострадали банки, крупные п…