Wachovia Bank's Web Security people did phone me late yesterday to thank
me for raising the security issue. They also stated that they were
investigating why my initial contacts with Wachovia did not result in
an appropriate response.
They said that they also were working with their legal people
On Tue, Jul 10, 2007 at 09:39:33PM -0400, Jim Popovitch wrote:
On Tue, 2007-07-10 at 20:20 -0400, Bob Toxen wrote:
VI. VENDOR RESPONSE
The vendor (Wachovia Bank) was notified via their customer service
phone number on June 25. We were transferred to web support. The
person answering
[EMAIL PROTECTED] wrote:
On Tue, 10 Jul 2007 21:39:33 EDT, Jim Popovitch said:
7 days? industry practice? Come on Bob I know you know that large
corporations can't feed a cat in 7 days let alone make unscheduled
website changes that fast. Change control approvals alone would include
14
I got you right? The one doing just for fun researches is in duty to
find the correct person and not the company, making big buisness, in
providing easy access to this person?
Yes you are obviously right ^^
J. Oquendo wrote:
[EMAIL PROTECTED] wrote:
On Tue, 10 Jul 2007 21:39:33 EDT, Jim
While it is true that lots of folk pick on vendors for a few minutes of
fame, the Wachovia case is slightly different.
They do have an attitude problem and are technically challenged. The basis
for this is a law enforcement conference about six months ago. During a
pressentation a Wachovia
Bob Bruen wrote:
While it is true that lots of folk pick on vendors for a few minutes of
fame, the Wachovia case is slightly different.
They do have an attitude problem and are technically challenged. The basis
for this is a law enforcement conference about six months ago. During a
Or hey, if you're not getting anywhere with him, talk to this guy!
http://www.belkcollege.uncc.edu/jpfoley/
Let me see:
wachovia security cissp incident +network via Google
This looks interesting:
http://www.bryceporter.com/
I would have contacted someone on this level to put me in
On Wed, 2007-07-11 at 12:03 -0400, Bob Bruen wrote:
While it is true that lots of folk pick on vendors for a few minutes of
fame, the Wachovia case is slightly different.
They do have an attitude problem and are technically challenged. The basis
for this is a law enforcement conference
Hi Jim,
No, I did not declare the whole of Wachovia technically challenged based
on the one incident at a security conference.. What I was pointing out is
that the current problem of their failure to put up a secure web and their
failure to respond to notification about has another data point
The link now redirects to an HTTPS page
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Toxen
Sent: Tuesday, July 10, 2007 8:20 PM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Wachovia Bank website sends confidential
information
On Wed, Jul 11, 2007 at 12:38:54PM -0400, Steve Ragan wrote:
The link now redirects to an HTTPS page
Thanks Steve.
This proves the value of Full Disclosure.
This seems to have changed within a few hours of my posting to Full
Disclosure rather than in the several weeks after I first alerted it.
Reconfirming time stamp(s)
!-- Vignette V6 Wed Jul 11 16:13:41 2007 --
their policy pages was updated
On 7/11/07, Bob Toxen [EMAIL PROTECTED] wrote:
On Wed, Jul 11, 2007 at 12:38:54PM -0400, Steve Ragan wrote:
It has comments with time-stamps of late yesterday, after I disclosed
on the
On Tue, 2007-07-10 at 20:20 -0400, Bob Toxen wrote:
VI. VENDOR RESPONSE
The vendor (Wachovia Bank) was notified via their customer service
phone number on June 25. We were transferred to web support. The
person answering asked us to FAX the details to her and we did so,
also on June 25.
On 10-Jul-07, at 7:39 PM, Jim Popovitch wrote:
On Tue, 2007-07-10 at 20:20 -0400, Bob Toxen wrote:
VI. VENDOR RESPONSE
The vendor (Wachovia Bank) was notified via their customer service
phone number on June 25. We were transferred to web support. The
person answering asked us to FAX the
On Tue, 10 Jul 2007 21:39:33 EDT, Jim Popovitch said:
7 days? industry practice? Come on Bob I know you know that large
corporations can't feed a cat in 7 days let alone make unscheduled
website changes that fast. Change control approvals alone would include
14 or more days in most
15 matches
Mail list logo