Viewing posts tagged Phishing and Fraud
7-easy-steps-to-maximizing-your-fraudulent-stock
Posted by: admin 14 years, 10 months ago
The SEC has noticed a dramatic rise in fraud against online brokerage accounts. This is a very interesting article in that it shows how an attacker can take over accounts and make money without necessarily removing money from those accounts. All they need is a couple of "legitimate" account that the fraudsters open, a thinly traded small-cap stock and to control a couple of pwned accounts with enough money to manipulate the targeted stock. The article describes "pumping" as using pwned accounts to drive up the price of stocks that you hold. However, you can also make money on the way down:
dns-and-mutual-authentication
Posted by: admin 14 years, 10 months ago
Once again, Amit Klein has hacked DNS. Once again, we'll say if you are doing high-value web-based transactions, you should consider using Mutual Authentication for HTTPS.
spam-and-the-fortune-1000
Posted by: admin 14 years, 10 months ago
There is an interesting article on the Register about bots in large company networks. I always assumed that the massive bot armies of spammers and phishers consisted of the PCs of unsophisticated home users. I think this has tremendous implications. If you're PayPal and Oracle is sending PayPal spam, can you do something about it? Yes, I think.
banks-seek-tighter-security-from-vendors
Posted by: admin 14 years, 10 months ago
According to today's WSJ, 6 big US banks and BITS will announce security standards for their vendors. This action shouldn't come as a surprise, since the banks are essentially following in the footsteps of VISA and Mastercard and their CISP/PCI standards that attempt to secure the credit card industry - especially since the banks own VISA and Mastercard.security-issues-with-googles-anti-phishing-tool
Posted by: admin 14 years, 10 months ago
There is a great post by Nitesh Dhanjani over at O'Reilly about his security concerns about their Safe Browsing for Firefox extension.Recent Posts
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
- Scalability improvements in version 5.0 of the WiKID Strong Authentication server
Archive
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)