| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Aug 2005 15:40:22 +0100 From: NGSSoftware Insight Security Research <nisr@...tgenss.com> To: bugtraq@...urityfocus.com Subject: New Whitepaper - The Pharming Guide NGS Insight Security Research (NISR) are pleased to announce the publication of a new whitepaper - "The Pharming Guide", which can be downloaded from http://www.ngssoftware.com/papers/ThePharmingGuide.pdf Abstract: Exploiting well known flaws in DNS services and the way in which hostnames are resolved to IP addresses, Phishers have upped the ante in the cyberwar for control of a customer’s online identity for financial gain. A grouping of attack vectors now referred to as “Pharming”, affects the fundamental way in which a customer’s computer locates and connects to an organisations online offering. Enabling the Pharmer to reach wider audiences with less probability of detection than their Phishing counterparts, pharming attacks are capable of defeating many of the latest defensive strategies used by customer and online retailer alike. This paper, extending the original material of “The Phishing Guide”, examines in depth the workings of the name services of which Internet- based customers are dependant upon, and how they can be exploited by Pharmers to conduct identity theft and financial fraud on a massive scale.
Powered by blists - more mailing lists