Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Computer Forensics Computer-Forensics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SyScan'06 Highlight - Is Phone Banking Safe?

from [thomas48] Network Security [Permanent Link]
Subject: SyScan'06 Highlight - Is Phone Banking Safe?
Date: Wed, 28 Jun 2006 12:21:50 +0800
This is a brand new presentation and its going public for the very first time in SyScan'06.


Marek Bialowlowy is a Polish security researcher based in Southeast Asia whose expertise is researching into mobile technologies like phone banking, wifi and bluetooth etc. In this presentation in SyScan'06, he will present his shocking findings in one of the most popular banking application.

Use of a telephone in banking is considerably widespread. The most popular is certainly the interactive voice response (IVR) technology, which has been adopted by nearly all major banks. There is also a new successor of this technology that is a mobile banking. It is mainly based on SMS or STK (SimToolkit) and the popularity of it is rapidly increasing largely thanks to the popularity of mobile phones. Certainly with benefits of new technology also come new threats which have to be addressed. Meanwhile, the old IVR based technology still lacks security, which questions the overall safety of using phone in banking services.

The presentation summarises results of comprehensive analysis into phone banking security and introduces never previously presented attack scenarios on phone banking systems, reveals the security weakness in phone banking systems of a major banks and explains some potential methods of minimising the risks.

Other presentations at SyScan'06 include:

Unpacking Malware, Trojans and Worms - Paul Craig
Towards Automated Botnet Detection and Mitigation - Thorsten Holz
I-worm Fuzzer: A new propagation type of worm - Enrique Sanchez
Securing Linux/Unix Systems - Andrew Griffiths
VoIP Security Issues - Hendrik Scolz
Exploiting Embedded System - Barnaby Jack
Reverse Engineering Microsoft Binaries - Alexander Sotirov
Feeding Fuzzing - ByteRage
Writing behind a Buffer - Angelo Rosiello
Skeletons in Microsoft Closet - Andre Protas
Binary Analysis; finding secrets in ISAPIs
Yet Another Web Application Testing Toolkit - Fyodor Yarochkin
Oracle Rootkit and Viruses - Alexander Kornbrust
Attacking Microsoft Vista - Joanna Rutkowska


For more information, please visit
http://www.syscan.org


-------------------------------------------------------------------------
Sponsored by: Watchfire

As web applications become increasingly complex, tremendous amounts of sensitive data - personal, medical and financial - are exchanged, and stored. Consumers expect and demand security for this information. This whitepaper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download "Automated Scanning or Manual Penetration Testing?" today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000008BOQ
--------------------------------------------------------------------------

[More messages with this same subject...]


<Prev in Thread] Current Thread [Next in Thread>
  • SyScan'06 Highlight - Is Phone Banking Safe?, thomas48 <=
Previous by Date:  Re: Anyone know of a free Gutmann file deletion tool for Windows which can run from removable media?,
Next by Date:  Re: PECompact2, Andrei Saygo
Previous by Thread:  PECompact2, als
Next by Thread:  Tracing Excel Worksheets beyond metadata, inspector
Indexes:  [Date] [Thread] [Top] [All Lists]