Story image

RSA warns of MITB attacks

03 Nov 09

In the October Online Fraud Report released by RSA, the company highlighted the increase of man-in-the-browser (MITB) and brand attacks.

MITB attacks is designed to intercept and manipulate data when it passes over a secure communication between a user and an online application, such as those used in consumer and corporate banking. The MITB Trojan embeds in a user’s browser application and can be programmed to trigger when a user accesses specific sites, such as online banking.

MITB attacks are being conducted using a number of Trojan families including Zeus, Adrenaline, Sinowal and Silent Banker. Because the Trojan is embedded in the browser during the attack, it is extremely difficult for users or the server to detect anything as it seems like a legitimate transaction on both ends.

The attacks are increasing around the globe, especially among banks as they deploy two-factor authentication for their online banking users.

New Zealand also ended up in the top ten country list of brand attacks launched in October.

Dell dominates enterprise storage market, HPE declines
The enterprise storage system market continues to be a goldmine for most vendors with demand relentlessly rising year-on-year.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Record revenues from servers selling like hot cakes
The relentless demand for data has resulted in another robust quarter for the global server market with impressive growth.
Opinion: Critical data centre operations is just like F1
Schneider's David Gentry believes critical data centre operations share many parallels to a formula 1 race car team.
MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.