Difference between revisions of "OWASP Anti-Malware - Knowledge Base"

(Banking Malware Attack Process)
(Evaluate the Maturity of your Organization in this context)
Line 11: Line 11:
 
=== Apply trust boundaries (security measures) ===
 
=== Apply trust boundaries (security measures) ===
 
=== Define the weaknesses of the security measures adopted ===
 
=== Define the weaknesses of the security measures adopted ===
== Evaluate the Maturity of your Organization in this context ==
 
 
 
==  Appendix A: Security Considerations about Authentication Solutions and Malware ==
 
==  Appendix A: Security Considerations about Authentication Solutions and Malware ==
  

Revision as of 16:28, 3 January 2012

Introduction

What is Banking Malware

How Banking malware deals with Web Application Security

Protecting Banking Resources

Are your resources protected?

Enumerate the interesting targets

Define the path to the targets (Transition graphs)

Apply trust boundaries (security measures)

Define the weaknesses of the security measures adopted

Appendix A: Security Considerations about Authentication Solutions and Malware

Password

TAN (Gridcard, Scratch Card)

OTP (Time Based, Click Based)

CAP (Random Nonce, Challenge Response)

SMS Challenges

Cellphone Caller-ID

Appendix B: Banking Malware Families (Active in 2012)

Spyeye

Zeus

Carberp

Tatanga

Urlzone

References