New Study Says Bank Web Apps Most Vulnerable to Hacking
According to new research released by security firm Positive Technologies last Monday, web apps from banks and financial institutions are highly vulnerable to hacking.
The security researchers tested 33 websites and found that around half had XML external entity flaws and arbitrary file reading and modification flaws, while 80% were vulnerable to cross-site scripting (XSS) attacks. 85% of all tested apps had bugs that allowed a hacker to steal users’ cookies, implement phishing attacks, or infect the user’s device with malware.
The study did not name the banks that developed the flawed apps, but it was noted that a 100% vulnerability rate for a sector that handles money does not reflect well for the entire financial industry.