The IT department of Scotiabank forgot to renew the SSL Certificate of their Website

The DBU held up last year to sell “world class digital solutions” to computerized banking customers throughout the world. But Jason Coulls, CTO of food security testing company Tellspec and a former business software developer, tilted off News that the bank’s hipster company certificates had terminated nearly five months ago.

“Tuesday following week is the five month anniversary of the certificate perishing and no one has noticed,” he said. “This from an organization supposed to showcase how intelligent the bank’s IT people are. The humor is strong in this one.”

Coulls said he chose to warn the company that their SSL records were out of order but has got no acknowledgment from them. Then repeat, that appears to be par for the development for the Canadian bank.

In 2016 he found that the bank’s mobile app had rather unusual characteristics distinctly that the programmers had packed the code with f‑bombs. He notified the bank in April and got no reply, so let the regulators know. Scotiabank fixed the system within 24 hours.

The latter event was especially concerning because following banking law specifically PCI agreement rule 16.3.4 banks are expected to inspect their code thoroughly to make sure it is safe. It seems as though the DBU isn’t the only organization asleep at the switch.

Take your time to comment on this article.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil