Avivah Litan

A member of the Gartner Blog Network

Archives for September, 2010


Bank hackers using Zeus arrested – finally!

by Avivah Litan  |  September 30, 2010  |  1 Comment

I was pleasantly surprised to hear about the arrests yesterday in the UK, and the indictments today in the U.S.  for 19 and 34 individuals (probably the money mules – not the masterminds) respectively participating in Zeus-based trojan attacks against bank customer accounts. The UK perpetrators (15 men and 4 women) allegedly stole at least […]

1 Comment »

Category: Uncategorized     Tags:

SMS/OTP under attack – Man in the Mobile

by Avivah Litan  |  September 28, 2010  |  1 Comment

This past week, I was made aware of two attacks on SMS/OTP which is commonly used by non-U.S. banks, and now Google Apps, for two factor authentication. I just had a demo of a phishing attack that captured my log in id and password to my presumed bank, and then told me to wait.  The […]

1 Comment »

Category: Uncategorized     Tags:

Google two factor authentication a first step – but a lot more need to be taken

by Avivah Litan  |  September 20, 2010  |  2 Comments

Google announced two factor authentication for Google Apps today. It will use SMS/OTP – either sent to a phone or launched from a native smartphone application.  It’s sure to set off a round of hyped up enthusiasm among vendors clamoring to introduce cloud-based authentication services (e.g. VMware with its acquisition of Tricipher, CA with its […]

2 Comments »

Category: Uncategorized     Tags: