Hi! I would like to share a talk that I attended at 33c3. It's about a company with a banking license and accounts with actual money. Some people downplay these issues as "yeah, but the issues were fixed" and "every major bank probably has something like this". I would like to reply:
- With a bit of time and interest, any moderate hobby security researcher could have found what he found, including me.
- The issues uncovered are not mere issues of a product, they are issues in processes and culture.
When I checked earlier, Number26 did not have open positions for security professionals. They do now: Senior Security Engineer (f/m) https://n26.com/jobs/547526/?gh_jid=547526
The video: Shut Up and Take My Money! (33c3)