Difference between revisions of "OWASP Anti-Malware - Knowledge Base"

Revision as of 07:38, 11 May 2009

Introduction

Banking Attack Process

Banking Malware Families

Silent Banker

Adrenaline

Zeus

Limbo/Nethell

Torpig/Sinowal/Mebroot

Banking Provided Security Measures

Password

TAN (Gridcard, Scratch Card)

OTP (Time Based, Click Based)

CAP (Random Nonce, Challenge Response)

SMS Challenges

Cellphone Caller-ID

Threat Modeling for Banking Malware Attacks

Enumerate the interesting targets

Define the path to the targets (Transition graphs)

Apply trust boundaries (security measures)

Define the weaknesses of the security measures adopted

Security Rating

References

@@ Line 13: / Line 13: @@
 == Banking Provided Security Measures ==
+=== Password ===
+=== TAN (Gridcard, Scratch Card) ===
+=== OTP (Time Based, Click Based) ===
+=== CAP (Random Nonce, Challenge Response) ===
+=== SMS Challenges ===
+=== Cellphone Caller-ID ===
 == Threat Modeling for Banking Malware Attacks ==

Difference between revisions of "OWASP Anti-Malware - Knowledge Base"

Revision as of 07:38, 11 May 2009

Introduction

Banking Attack Process

Banking Malware Families

Silent Banker

Adrenaline

Zeus

Limbo/Nethell

Torpig/Sinowal/Mebroot

Banking Provided Security Measures

Password

TAN (Gridcard, Scratch Card)

OTP (Time Based, Click Based)

CAP (Random Nonce, Challenge Response)

SMS Challenges

Cellphone Caller-ID

Threat Modeling for Banking Malware Attacks

Enumerate the interesting targets

Define the path to the targets (Transition graphs)

Apply trust boundaries (security measures)

Define the weaknesses of the security measures adopted

Security Rating

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools