I would like to point out that the statements made in the emails from
mikken.tut...@intersecworldwide.com are untrue at best, defamatory at worst. I
am not going to lambast Jeff, Mikken, or Intersec Worldwide - but I will defend
myself. Normally I would not respond to something like this in a
On Fri, Dec 6, 2013 at 8:07 PM, Daniel Wood daniel.w...@owasp.org wrote:
Title: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for
California (ZippyYum) 3.4 iOS mobile application
Reported to Vendor: May 2013
CVE Reference: CVE-2013-6986
Apparently you touched a nerve! If the
Hilarious. If I were just plain ignoring the PCI DSS, I'd want to hide
evidence of it, too.
If you really want to ruin their day, report this to VISA.
--
W. Scott Lockwood III
GWB20090338817
AMST Tech
On Dec 17, 2013 3:12 AM, Fyodor fyo...@nmap.org wrote:
On Fri, Dec 6, 2013 at 8:07 PM,
On Mon, Dec 16, 2013 at 2:50 PM, Fyodor fyo...@nmap.org wrote:
...
Apparently you touched a nerve! If the legal threats we received for
archiving this security advisory on SecLists.org are any indication,
ZippyYum really doesn't want anyone to know they were storing users' credit
card info
Title: [CVE-2013-6986] Insecure Data Storage in Subway Ordering for
California (ZippyYum) 3.4 iOS mobile application
Published: DATE
Reported to Vendor: May 2013
CVE Reference: CVE-2013-6986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986
CVSS v2 Base Score: 4.9
CVSS v2 Vector