Viewing posts from January, 2009
phishers-get-50k-in-south-korea
Posted by: admin 15 years, 3 months ago
From Chosun.com:phishers-move-to-europe-but-not-the-dutch
Posted by: admin 15 years, 3 months ago
Websense has published a report that says that phishers are increasingly targeting smaller European banks over their larger American cousins. While not scientific, it is interesting.phishers-targeting-commercial-accounts
Posted by: admin 15 years, 3 months ago
Today I receieved a phish that is targeting commercial accounts of BB&T. It's interesting because it will be much harder to do transaction analysis fraud prevention on commercial accounts (same for brokerage accounts) and the email used a pending 'security device' roll-out as the premise for needing the information.
phishing-target-one-time-passwords-in-swedish
Posted by: admin 15 years, 3 months ago
Just when I thought the nordic countries would be the last to be phished, the phishers strike. Out-law pointed out an this F-Secure post (go to the bottom of the page):pingid-releases-signon-com-but-it-is-not-strong
Posted by: admin 15 years, 3 months ago
PingID released Signon.com today, which looks like a great addition to the consumer-oriented SSO services available. I take some exception to this quote from PingID CEO Andre Durand about InfoCards
After a user creates an information card on their desktop, they can access SignOn.com and link the card to their account on the site. On subsequent visits, the card is needed for the user to authentication to SignOn.com.Now, I don't know as much about InfoCards as I should, but I know it's not strong authentication. What these services need is strong mutual authentication, so that the user is assured that they are going to the correct SSO service. Then, the SSO service needs to get the user to the correct targeted site.
“It’s a form of strong authentication,” says Andre Durand, CEO of Ping Identity.
Recent Posts
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
Archive
2024
- January (1)
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)