Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Trading site DX.Exchange spills gobs of user data


You might want to question putting your money into a new trading platform that can’t even spring for a good translator.

Or, as DX.Exchange put it on its site:

Digital Stocks , How its works?

If only that were the biggest problem of the platform, which allows people to trade currencies and “digitized” versions of Apple, Tesla, and other stocks. A few days ago, a curious trader wanted to see how robust the platform is, along with how well it protects users’ sensitive financial and legal information.

So, as Ars Technica tells it, the trader set up a dummy account and started to explore. He went so far as to turn on developer tools inside the Chrome browser to get more visibility into the platform’s inner workings.

And lo! What a hot mess he encountered therein.

Right from the get-go, when his browser sent DX.Exchange a request, it included an authentication token: a long string of characters required by the site that should be kept secret when a user accesses their account.


View All Trending Stories