
The WiKID Blog

Viewing posts tagged Authentication Attacks

two-factor-phish-against-citibank-demonstrates-the

Lance James at Secure Science has screen shots of the phish attack against CitiBank's business site that uses a hardware token one-time password system. You can see them on WaPo's Security Fix Blog.

15-percent-of-corporate-pcs-have-keystroke-loggers

According to David Aucsmith, architect and CTO, Security Business & Technology Unit at Microsoft, 15% of corporate PCs have keystroke loggers.

vint-cerf-et-al-on-internet-security

I had the pleasure of attending the recent security summit at the Georgia Tech Information Security Center (webcast is available, but only if you have QuickTime and IE7 apparently, which ain't me) and got to hear Vint Cerf and a very strong group of panelists. Here are my take-aways:

  • When you sell your company for big bucks, you get to be on panels at colleges. Maybe this is because the event was held in the Chris Klaus building.
  • The internet needs better, stronger authentication - and not just the user, but better Damballa a local Atlanta start-up spun out of Georgia Tech to help ISPs address the bot problem. Good luck to those guys. Seems like cool technology.

logins-for-ftp-sites-offered-for-sale

According to Techworld, Finjan has discovered that logins for 8,700 FTP servers are for sale.

Using the Alexa.com domain ranking, Finjan found 10 of the top 100 domains in the database, 100 of the top 500 domains, and 50 of those between 500 and 1,000.
My reaction: FTP? Really? You've got to at least hope that it's SFTP.
The hacked servers could be used to distribute crimeware by injecting iframe tags into any webpage stored on the compromised FTP servers. Indeed the server accounts were themselves being traded by a web application able to rank and price them according to their Google page rank for re-sale to other criminals.
Fancy.

web-application-insecurity-statistics

Security geeks who like to chew on numbers will enjoy the WebAppSec Statistics. Lots of pretty pictures too.
