lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Jun 28 14:51:41 2006 From: thomas48 at singnet.com.sg (thomas48) Subject: SyScan'06 Highlight - Is Phone Banking Safe? This is a brand new presentation and its going public for the very first time in SyScan'06. Marek Bialowlowy is a Polish security researcher based in Southeast Asia whose expertise is researching into mobile technologies like phone banking, wifi and bluetooth etc. In this presentation in SyScan'06, he will present his shocking findings in one of the most popular banking application. Use of a telephone in banking is considerably widespread. The most popular is certainly the interactive voice response (IVR) technology, which has been adopted by nearly all major banks. There is also a new successor of this technology that is a mobile banking. It is mainly based on SMS or STK (SimToolkit) and the popularity of it is rapidly increasing largely thanks to the popularity of mobile phones. Certainly with benefits of new technology also come new threats which have to be addressed. Meanwhile, the old IVR based technology still lacks security, which questions the overall safety of using phone in banking services. The presentation summarises results of comprehensive analysis into phone banking security and introduces never previously presented attack scenarios on phone banking systems, reveals the security weakness in phone banking systems of a major banks and explains some potential methods of minimising the risks. Other presentations at SyScan'06 include: Unpacking Malware, Trojans and Worms - Paul Craig Towards Automated Botnet Detection and Mitigation - Thorsten Holz I-worm Fuzzer: A new propagation type of worm - Enrique Sanchez Securing Linux/Unix Systems - Andrew Griffiths VoIP Security Issues - Hendrik Scolz Exploiting Embedded System - Barnaby Jack Reverse Engineering Microsoft Binaries - Alexander Sotirov Feeding Fuzzing - ByteRage Writing behind a Buffer - Angelo Rosiello Skeletons in Microsoft Closet - Andre Protas Binary Analysis; finding secrets in ISAPIs Yet Another Web Application Testing Toolkit - Fyodor Yarochkin Oracle Rootkit and Viruses - Alexander Kornbrust Attacking Microsoft Vista - Joanna Rutkowska For more information, please visit http://www.syscan.org
Powered by blists - more mailing lists