[prev in list] [next in list] [prev in thread] [next in thread]
List: webappsec
Subject: Re: Mitm new?
From: Nick Owen <nowen () wikidsystems ! com>
Date: 2006-08-18 15:47:51
Message-ID: 44E5E127.6020407 () wikidsystems ! com
[Download RAW message or body]
Jeff Robertson wrote:
> Why are man-in-the-middle phishing sites suddenly talked about as a
> "new" threat, as if there was rocket science involved?
>
> For instance
> http://blog.washingtonpost.com/securityfix/2006/07/citibank_phish_spoofs
> _2factor_1.html
>
> These things are basically proxies, which are as old as the web. Why
> does it surprise anyone to see these combined with phishing? (Then
> again, I still haven't figured out why phishing as we know it didn't
> "take off" circa 1994)
>
> Jeff Robertson
Perhaps: new regulation + vendor marketing + need to sell ads + old
attacks = news? :).
I think that the escalating sophistication of attacks is of interest,
even if predictable. The lack of detail in reporting and discussion of
suitable preventive measures, etc is another story, vis-a-vis about
blogging vs. reporting.
nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
https://www.linkedin.com/in/nickowen
-------------------------------------------------------------------------
Sponsored by: Watchfire
Watchfire was recently named the worldwide market leader in Web
application security assessment tools by both Gartner and IDC.
Download a free trial of AppScan today and see why more customers choose
AppScan then any other solution. Try it today!
https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB
--------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic