Viewing posts tagged Phishing and Fraud
Single-site browser
Posted by: admin 13 years, 2 months ago
Read Jeremiah Grossman's post about "A Single-Site Browser’s impact on XSS, CSRF, and Clickjacking". The benefits of using a Single-Site Browser are clear: reduced risk of XSS, CSRF and Clickjacking. So, why isn't every bank in the world and every user of SSL-VPNs not deploying single-site browsers?
Fraudsters defeat poor risk management, not two-factor authentication
Posted by: admin 13 years, 4 months ago
SC Magazine's Australian edition recently published an article entitled $45k stolen in phone porting scam. This article was then rewritten on Help Net Security as "Fraudsters beat two-factor authentication, steal $45k"
More Marketing Service firms in the news
Posted by: admin 13 years, 12 months ago
Dark Reading is reporting that Best Buy has suffered a second loss of customer data - e-mail addresses - through another vendor (not Epsilon).
PCI news & updates
Posted by: admin 14 years ago
According to this article on InformationWeek:
A world without static passwords
Posted by: admin 14 years, 7 months ago
I wanted to quickly clarify my brief twitter rant about SMS authentication. This was all started by Chris Wysopal's tweet about Zeus's new mobile MiTM attacks and that "phones are not secure enough for 2 factor". Zeus is now targeting the text messages that banks are using for authenticating transactions.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)