About

My Photo

Adsense


Add to Google Reader or Homepage

Subscribe in Bloglines

Subscribe in one go

  • Subscribe to RSS Feed

Your email address:


Powered by FeedBlitz

Google reader

Software worth checking out

  • ActiveWords
    Do everything without leaving the keyboard
  • Anagram
    Translates copied text into Contact, Calendar, Task, and Note items for Outlook, Palm etc
  • BlogJet
    Weblog client for Windows that allows you to manage your blog without opening a browser.
  • ConnectedText
    Intriguing Wiki-based organiser
  • Copernic Desktop Search
    Great alternative to Google's or Microsoft's offering for searching your PC. Simple and unobtrusive
  • Courier Email
    Great email program
  • DtSearch
    Text Retrieval / Full Text Search Engine
  • ExplorerPlus
    Organize and manage all your system files and folders
  • Gmail
    Webmail that really works. Great for catching spam too.
  • Google Deskbar
    Search with Google from any application without lifting your fingers from the keyboard.
  • Google Earth
    Zip around the planet and see things differently
  • Google Reader
    Best online RSS reader I think there is out there
  • Jot+
    store all of your notes and information in an easy-to-use outline
  • Local Cooling
  • Mindjet
    The mindmapper of choice.
  • MSGTAG - MessageTag
    Email receipt alert
  • MyInfo
    free-form information organizer
  • NoteStudio
  • NoteTab
    Great text and HTML editor
  • Omea Reader
    Good RSS feedreader
  • PersonalBrain
    If you've ever wanted to organise your information in a way that's different, try this. Worth spending time on mastering
  • Process Explorer
    Not too geeky way to figure out what software is slowing down your computer. Just keep it running for a while and the culprit will become obvious.
  • Safari
    Surprisingly fast browser -- and for Windows too.
  • Skype
    Dump those phone bills
  • SpaceMonger
    Keep track of the free space on your computer via treemaps
  • Stick
    Post-It note-like tabs to store text, folders etc that cling to the edge of your screen
  • SuperNotecard
    Great for authors and writers organizing their thoughts
  • TaskTracker
    Lists recent documents by type for easy access
  • Text Monkey
    Easily clean copied text
  • Trillian IM Clients
    Gathers all your instant messaging accounts in one window

« Vmyths Up For Sale On eBay | Main | Firefox And The Greasemonkey On Its Back »

March 23, 2005

Internet Banking And The Threat From Within

Saw a chilling presentation today from Fabrice A Marie of FMA-RMS at the Bellua Cyber Security Asia 2005 conference in Jakarta. Fabrice talked about Hacking Intenet Banking Applications, something he does for a living on behalf of banks around the region. Bottom line: They’re easy to hack.

Of 15 banks’ application assessments he worked on in the past 18 months he found 258 vulnerabilities, 429 beta quality scripts, 339 unnecessary files, averaging 17 vulnerabilities per application.

He didn’t go into detail about what kind of vulnerabilities he found, but his presentation explored a dozen different ways of getting past banks’ security measures, including spying on competitors’ transcation histories, stealing money using fund transfer functionality, purchasing insurance for free and buying discounted shares. All you need is an account.

His parting words were: “Nobody will be using Internet banking anymore. If you do just make sure you don’t have much money online.” He told me later he was just joking, and that banks, particularly in Singapore, are safe. But nobody laughed.

He didn’t mention phishing, but a thought struck me: How many phishing attacks are not to clear out an account but to gain access to a bank as part of a broader, longer term attack?

Posted on March 23, 2005 in Phishing, Security |

Digg This | Save to del.icio.us

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/10988/2115001

Listed below are links to weblogs that reference Internet Banking And The Threat From Within:

» Banks abandon online fraud victims from Bleeding Edge
If you happen to become a victim of a phishing exploit, don't expect that your bank will stand by you. That's the devastating point [somewhat buried] of this story. One in 20 UK internet users say they have lost money... [Read More]

Tracked on May 04, 2005 at 12:31 PM

Comments

Post a comment

If you have a TypeKey or TypePad account, please Sign In

Loose Wire search

Regulars

Recent Posts

Recent Comments

Categories

Subscribe to my Podcast

Eco-Safe

Categories

Rank

  • Wikio - Top Blogs - Technology
Blog powered by TypePad
Member since 12/2003

A Directory of...

ten mov.es

tenminut.es