Worldwide LocationsActivIdentity Blog
« Back to Blog HomepageOnline Banking Trojan - Industry News Wrap-up - ActivIdentity Blog
Oct 11, 2011 12:25pm | 0 Comment
In this week's industry news wrap-up, we'll take a look at attacks on encrypted data, an interview with the BITS and a new online banking Trojan. Here are the stories that caught our attention: Hackers Crack Internet Encryption: Should You Be Worried?
As Philip Hoyer referenced in a recent blog post, transactions using Transport Layer Security (TLS) 1.0 are no longer safe. TLS 1.0, the Web standard data encryption, is used as part of HTTPS encryption but is vulnerable to attack, as demonstrated by the BEAST exploit. Alex Wawro warns Web surfers to be wary of the information they choose to share online, change passwords often and never click on links or open emails from unknown or untrusted sources.
'Well organized, sophisticated, fast' cybercriminals scare US banks
The U.S. financial industry's IT policy arm, known as BITS, has a new leader who is an expert in email security and authentication. With the increasing amount of new technologies, including social networking, mobile and cloud computing, Paul Smocer is taking the lead on developing new strategies to protect financial service firms and consumers from various types of attacks. In this interview, Smocer is quoted as saying "If you're focused on the ultimate protection of both your organization and your customers, that gives you the focus to continually try to strengthen the environment."
SpyEye Trojan Targets Online Banking Security Systems
Online banking security is under attack by a newly discovered culprit: the SpyEye Trojan, a well-known malware program. This new attack allows hackers to change the victim’s mobile phone number within an online bank account, which reroutes text messages to the criminal’s phone. Researchers claim that the only way to defeat this type of attack is to employ endpoint security that blocks man-in-the-browser-injection (MITB) techniques.
Tags: n/a
Post a Comment
All fields are required.
Legal Disclaimer
Some of the individuals posting to this blog website work for ActivIdentity Corporation ("ActivIdentity"). Opinions expressed in the blog postings and in any corresponding comments are the personal opinions of the original authors, not of ActivIdentity. The blog postings are provided for informational purposes only and are not meant to be an endorsement or representation by ActivIdentity or any other party. This blog website is available to the public. ActivIdentity moderates the comments and comments will not be posted until they are approved by the moderator. ActivIdentity does not guarantee that your comments will be posted to this blog website and ActivIdentity may refuse to post any comments in its sole discretion. No information you consider confidential should be posted to this blog website. By posting comments, you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to this blog website. You release ActivIdentity from any liability related to your use of this blog website and the content on this blog website. Your use of this blog website is also subject to the terms and conditions of the ActivIdentity Legal Notice available at http://www.actividentity.com/legal/ (the "Legal Notice"). The blog postings are "materials" and any comments that you post to this blog website are "feedback," each as defined in the Legal Notice.
Some of the individuals posting to this blog website work for ActivIdentity Corporation ("ActivIdentity"). Opinions expressed in the blog postings and in any corresponding comments are the personal opinions of the original authors, not of ActivIdentity. The blog postings are provided for informational purposes only and are not meant to be an endorsement or representation by ActivIdentity or any other party. This blog website is available to the public. ActivIdentity moderates the comments and comments will not be posted until they are approved by the moderator. ActivIdentity does not guarantee that your comments will be posted to this blog website and ActivIdentity may refuse to post any comments in its sole discretion. No information you consider confidential should be posted to this blog website. By posting comments, you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to this blog website. You release ActivIdentity from any liability related to your use of this blog website and the content on this blog website. Your use of this blog website is also subject to the terms and conditions of the ActivIdentity Legal Notice available at http://www.actividentity.com/legal/ (the "Legal Notice"). The blog postings are "materials" and any comments that you post to this blog website are "feedback," each as defined in the Legal Notice.
Subscribe to our RSS FeedSearch Blog
Category
Identity & Access ManagementRecent Posts
Recent Comments
Blogroll
The Forrester Blog For Security & Risk ProfessionalsComputer Weekly: David Lacey's IT Security Blog
Infosecurity Magazine: Security Viewpoint
Pro Security Zone: Editor's Blog
IT Pro
Adventures in Security
ha.ckers.org
Information Security: Security Bytes
Krebs on Security
SC: Data Breach Blog
Schneier on Security
Securosis
GovInfoSecurity.com: The Security Scrutinizer
GCN Tech Blog
Cybersecurity
Gartner Blog Network
Cnet: Insecurity Complex
Computerworld: Security Impact Blog
Computerworld: Security is Sexy
eWeek Security Watch
InformationWeek Security Weblog
Network World: Security Strategies Alert
ZDNet.com: Zero Day
Bank Info Security: Industry Insights
Bank Technology News
CRN Community: Hot Topics
Threatpost: Digital Underground