Skip to main content

The WiKID Blog

Viewing posts tagged Authentication Attacks

7-easy-steps-to-maximizing-your-fraudulent-stock

The SEC has noticed a dramatic rise in fraud against online brokerage accounts. This is a very interesting article in that it shows how an attacker can take over accounts and make money without necessarily removing money from those accounts. All they need is a couple of "legitimate" account that the fraudsters open, a thinly traded small-cap stock and to control a couple of pwned accounts with enough money to manipulate the targeted stock. The article describes "pumping" as using pwned accounts to drive up the price of stocks that you hold. However, you can also make money on the way down:

drive-by-pharming-seen-in-the-wild

Symantec has spotted Drive-by pharming attacks in the wild

dns-and-mutual-authentication

Once again, Amit Klein has hacked DNS. Once again, we'll say if you are doing high-value web-based transactions, you should consider using Mutual Authentication for HTTPS.

comment-on-the-t-mobile-attack

I'm sure everyone (in security) has seen the article at Security Focus about the T-Mobile attack and probably some of the great commentary about it, especially here.


I only have one comment: Everyone write your bank, cellular company, credit card company, utility companies and tell them that you want strong authentication and you want it now.

citrix-and-security

PDP has recently pointed out how easy it is to hack into poorly configured Citrix servers, which can easily be found via Google et al. He's also posted information on how to hack Citrix in a more forceful way. So, it is a good thing that we've posted documentation on how to protect Citrix with WiKID two-factor authentication. Also, yesterday, I posted a similar how-to document for protecting for GoToMyPC Corporate.

Recent Posts

Archive

2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom