At the weekend I was sent a link by a colleague to the jobs' site of Queen Mary University (job site here) as they wanted my advice on a position. I recommended the position but suggested using an alternative method of submitting an application, the site really does not utilise standard security practises (e.g. mixed content over HTTPS, account enumeration, password policy etc). Nothing surprised me about the website, until I tried to click on a URL located within the job listing, it automatically directed me to the following: The first thought that went through my mind was "oh boy, have I got malware on my machine?!", I went back to the listing and tried clicking the link, it...
- How widely is HTTPS used in the public sector of the UK?
- Thoughts on the use of technology in mental health and the military
- Queen Mary University of London Job Site "Hacked"
- What is deep learning, and why should you care?
- MEAN Stack User Authentication and SMS validation with Twilio/Authy: Part 2/2 - Creating the IONIC App
- MEAN Stack User Authentication and SMS validation with Twilio/Authy: Part 1/2 - Developing the API
- InDEx App: A Medical Research Council Funded Project
The boring stuff
All code, opinion and information on this blog are my personal view and do not represent or relate my past and/or current employer's view in any way.
Copyright 2017, Daniel Leightley
Except otherwise, everything on this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Simply, share with attribution. This site utilises the amazing core design by Troy Hunt. I encorage you to read his blog.