Archive for 'Phishing'
Securing SaaS
With last month’s news of a Salesforce.com employee falling prey to a phishing attack, resulting in the SFDC database being mined for subsequent targeted phishing attacks against some number of SFDC’s nearly 1,000,000 users, there’s been a lot of interest in securing Software as a Service platforms.
The first wave of solutions is the conventional lot: [...]
Posted: December 4th, 2007 under 2FA, Phishing.
Comments: none
Man-in-the-Middle Attack Kit
Hot on the heels of the $15 WebAttacker malware kit comes an RSA report of a do-it-yourself Man-in-the-Middle kit. This is a scary evolution of phishing: by proxying the connection between the client (victim) and the real server (e.g. their bank) MitM can accurately indicate a failed login to the victim (making it harder to [...]
Posted: January 11th, 2007 under 2FA, Phishing, SSL.
Comments: 1