Archive for the ‘Cyber Threat Intelligence’ Category

Strong Authentication Not Strong Enough

December 15, 2009

Strong Authentication Not Strong Enough

Cyber thieves are defeating two-factor authentication systems. Gartner recommends defense-in-depth

By Thomas Claburn
InformationWeek
December 14, 2009 05:05 PM

Two-factor authentication — used to protect online bank accounts with both a password and a computer-generated one-time passcode — is supposed to be more secure than relying on a single password.

But Gartner Research VP Avivah Litan warns that cyber criminals have had success defeating two-factor authentication systems in Web browsing sessions using Trojan-based man-in-the-middle attacks.

A Gartner Research note written by Litan explains that in the past few months, Gartner has heard from many banks around the world that rely on one-time-password authentication systems. Accounts at these banks have been compromised by man-in-the-middle attacks — the report uses the term "man-in-the-browser" — despite the use of two-factor security.

Comcast to Warn PC Users If They’re Infected by PC Magazine: Yahoo! Tech

October 17, 2009

Comcast to Warn PC Users If They’re Infected by PC Magazine: Yahoo! Tech: ”

Comcast to Warn PC Users If They’re Infected
By Chloe Albanesius – PC Magazine – Thu Oct 8, 2009 11:24AM EDT