diff options
| -rw-r--r-- | actionview/Rakefile | 4 | ||||
| -rw-r--r-- | guides/source/security.md | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/actionview/Rakefile b/actionview/Rakefile index 4d7a2f1812..9542b626d1 100644 --- a/actionview/Rakefile +++ b/actionview/Rakefile @@ -57,7 +57,7 @@ namespace :test do end namespace :integration do - # ActiveRecord Integration Tests + # Active Record Integration Tests Rake::TestTask.new(:active_record) do |t| t.libs << "test" t.test_files = Dir.glob("test/activerecord/*_test.rb") @@ -66,7 +66,7 @@ namespace :test do t.ruby_opts = ["--dev"] if defined?(JRUBY_VERSION) end - # ActionPack Integration Tests + # Action Pack Integration Tests Rake::TestTask.new(:action_pack) do |t| t.libs << "test" t.test_files = Dir.glob("test/actionpack/**/*_test.rb") diff --git a/guides/source/security.md b/guides/source/security.md index 06c24670de..a21526d895 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -74,7 +74,7 @@ Hence, the cookie serves as temporary authentication for the web application. An * Instead of stealing a cookie unknown to the attacker, they fix a user's session identifier (in the cookie) known to them. Read more about this so-called session fixation later. -The main objective of most attackers is to make money. The underground prices for stolen bank login accounts range from $10-$1000 (depending on the available amount of funds), $0.40-$20 for credit card numbers, $1-$8 for online auction site accounts and $4-$30 for email passwords, according to the [Symantec Global Internet Security Threat Report](http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiii_04-2008.en-us.pdf). +The main objective of most attackers is to make money. The underground prices for stolen bank login accounts range from 0.5%-10% of account balance, $0.5-$30 for credit card numbers ($20-$60 with full details), $0.1-$1.5 for identities (Name, SSN & DOB), $20-$50 for retailer accounts, and $6-$10 for cloud service provider accounts, according to the [Symantec Internet Security Threat Report (2017)](https://www.symantec.com/content/dam/symantec/docs/reports/istr-22-2017-en.pdf). ### Session Guidelines |