Security Market Segment LS


JUser: :_load: Unable to load user with ID: 66
Wednesday, 28 October 2009 09:48

Australia, NZ amongst worst for online brand attacks

Australia continues to rank as one of the top ten countries worldwide to suffer online brand attacks, and while Colombia and France have dropped off the chart completely, New Zealand and Brazil have entered the list for the first time, according to a new report on worldwide fraud released today.

According to RSA’s online fraud report for October, despite the rise in the total number of brand attacks launched in September, and an increase in the number of brands targeted last month, phishers generally continue to attack brands in the same countries, namely Australia, the US, the UK, Canada, Italy, Spain and South Africa.

Also reported by RSA was the fact that financial institutions in Australia, Asia and Latin America are increasingly deploying two-factor authentication for their online banking users and, as a result, have experienced an increasing number of ‘man-in-the-browser’ (MITB) attacks.

RSA reports that it has witnessed a surge in the number of MITB attacks, “especially in geographies where two-factor authentication is densely deployed --- such as the European consumer banking and US corporate banking markets.”

The security firm says a man-in-the-browser attack is designed to intercept and manipulate data as it passes over a secure communication between a user and an online application, and that a Trojan embeds in a user’s browser application and can be programmed to trigger when a user accesses specific online sites, such as an online banking site.

According to RSA, a number of Trojan families are currently being used by fraudsters to conduct MITB attacks including Zeus, Adrenaline, Sinowal, and Silent Banker, and it says some MITB Trojans are so advanced that they have “streamlined the process for committing fraud, programmed with functionality to fully automate the process from infection to cashout.”

RSA warns that what makes MITB attacks difficult to detect from the bank’s server side is that any activity performed “seems as though it is originating from the legitimate user’s web browser.”

“Characteristics such as the Windows language, user agent string, and the IP address will appear the same as the user’s real data. This creates a challenge in distinguishing between genuine and malicious transactions.”

RSA also says that man-in-the-browser as an attack vector has experienced exponential growth in the rate of infection in the last year, and it has witnessed Trojan infections increase tenfold in the last twelve months – findings which it says that are supported by other industry observations and reports.

“This growth is driven in part by the number of ‘drive by download’ infections where vulnerabilities on legitimate websites are exploited by botnets and infection kits to place an iFrame in the breached site,” RSA says.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.



Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News