Pretty impressive stuff. Looks like Nish Bhalla from SecurityCompass was able to create $14 million dollars from “thin air”. Granted, he had access to an internal network ahead of time, but still this is impressive. A little sniffing, a lack of encryption, and some wherewithal and Nish was able to create a new account.
I would think banking of all places would be more serious about encrypting their data. Shouldn’t there be some kind of compliance for passing banking data, even on internal networks? Or is this more about a lack of decent talent, capable of coming up with these security measures?