2004 Fraud vs. 2009 Fraud

Posted by John B. Frank Thursday, April 23, 2009

RSA: Cybercriminals keeping up with banking safeguards - SC Magazine US

Threats are becoming more sophisticated, and cybercriminals are getting smarter at evading new authentication controls, according to an RSA Conference panel of security practitioners representing three major financial institutions.

Members of the panel, comprising experts at Bank of America, PayPal and JPMorganChase, agreed Wednesday that the burden is on them to secure their systems for customers -- many of whom are being greeted with slick new attempts to take over accounts. Securing systems includes implementing a defense-in-depth approach that offers multifactor authentication on the front end and fraud detection capabilities on the back end, the panelists said.

Editor's Note: How about KISS? Get rid of username: password: and replace it with 2FA SafeTPIN. Cloned site threat...gone, phishing threats, eliminated, DNS Cache Poisoning (see below)...cured, stolen account numbers, useless without the PIN. It's 2009 and it's time...

"The bad guys invested in a spell checker," joked David Shroyer, senior vice president at Bank of America's Online Security and Enrollment division. "I'd love to combat phishing in 2004 versus what we're facing today."

Editor's Note: Exactly my point (2002 was a different lifetime when it came to combating fraud) in yesterday's post: And You Say You Want Software PIN Debit?

More on DNS Cache Poisoning.... See Yesterday's "PIN Payments News" Post  "Name Your Poison and Cache In"

Source: EWeek
Complete item: Report-Claims-DNS-Cache-Poisoning-Attack-Against-Brazilian-Bank

Description:
An unsubstantiated report claims that a successful DNS cache poisoning attack was conducted recently against Banco Bradesco, a Brazilian bank.  The reports are in Portuguese. This Google translation explains it in typically clumsy, broken English.

The actual DNS cache belonged to Brazilian ISP NET Virtua. DNS cache poisoning is an attack against DNS servers, usually through a vulnerability in the DNS software, allowing the attacker to change the IP addresses that users receive. In this case, they changed the entries for the Bradesco servers, redirecting users to a malicious Bradesco look-alike server. The same attack also poisoned the entries for Google's Adsense servers, with the purpose of installing a Trojan on the users' systems.
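A defender-side check for the situation described above, as an added example that is not part of the original post or the eWeek report: it compares the answers one resolver returns against a pinned baseline and flags a resolver that is off baseline for more than one unrelated name, which is the pattern reported here (bank and ad-server entries changed in the same cache). All hostnames, addresses, resolver labels and baseline networks are constructed, using documentation ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed baseline (assumption): networks each name should resolve into.
EXPECTED = {
    "www.bank.example": ["192.0.2.0/24"],
    "ads.example": ["198.51.100.0/24"],
}

# Constructed observations: (resolver label, queried name, A record returned).
OBSERVATIONS = [
    ("isp-resolver", "www.bank.example", "203.0.113.66"),
    ("isp-resolver", "ads.example", "203.0.113.66"),
    ("reference-1", "www.bank.example", "192.0.2.10"),
    ("reference-1", "ads.example", "198.51.100.7"),
    ("reference-2", "www.bank.example", "192.0.2.11"),
    ("reference-2", "ads.example", "198.51.100.7"),
]

def off_baseline(observations, expected):
    """Return {resolver: [(name, ip), ...]} for answers outside the expected networks."""
    nets = {n: [ipaddress.ip_network(c) for c in cidrs] for n, cidrs in expected.items()}
    hits = defaultdict(list)
    for resolver, name, ip in observations:
        key = name.rstrip(".").lower()  # normalise case and trailing root dot
        if key not in nets:
            continue  # no baseline for this name, nothing to compare against
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in nets[key]):
            hits[resolver].append((key, ip))
    return dict(hits)

def assess(observations, expected):
    """Classify each resolver as 'ok', 'suspect' or 'likely-poisoned'."""
    hits = off_baseline(observations, expected)
    verdicts = {}
    for resolver in sorted({r for r, _, _ in observations}):
        names = {n for n, _ in hits.get(resolver, [])}
        if not names:
            verdicts[resolver] = "ok"
        elif len(names) > 1:
            # Several unrelated names wrong on one resolver points at its cache.
            verdicts[resolver] = "likely-poisoned"
        else:
            verdicts[resolver] = "suspect"  # one name off: could be a stale baseline
    return verdicts

if __name__ == "__main__":
    for resolver, verdict in assess(OBSERVATIONS, EXPECTED).items():
        print(resolver, verdict)
```

The baseline has to track legitimate address changes (CDN or hosting moves), otherwise a single off-baseline name will show up as `suspect` without any poisoning having taken place.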
