Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SyScan'06 Highlight - Is Phone Banking Safe?

From: thomas48 <thomas48 () singnet com sg>
Date: Wed, 28 Jun 2006 12:21:50 +0800
This is a brand new presentation and its going public for the very first time in SyScan'06.
Marek Bialowlowy is a Polish security researcher based in Southeast Asia whose expertise is researching into mobile technologies like phone banking, wifi and bluetooth etc. In this presentation in SyScan'06, he will present his shocking findings in one of the most popular banking application.
Use of a telephone in banking is considerably widespread. The most popular is certainly the interactive voice response (IVR) technology, which has been adopted by nearly all major banks. There is also a new successor of this technology that is a mobile banking. It is mainly based on SMS or STK (SimToolkit) and the popularity of it is rapidly increasing largely thanks to the popularity of mobile phones. Certainly with benefits of new technology also come new threats which have to be addressed. Meanwhile, the old IVR based technology still lacks security, which questions the overall safety of using phone in banking services.
The presentation summarises results of comprehensive analysis into phone banking security and introduces never previously presented attack scenarios on phone banking systems, reveals the security weakness in phone banking systems of a major banks and explains some potential methods of minimising the risks. 

Other presentations at SyScan'06 include:

Unpacking Malware, Trojans and Worms - Paul Craig
Towards Automated Botnet Detection and Mitigation - Thorsten Holz
I-worm Fuzzer: A new propagation type of worm - Enrique Sanchez
Securing Linux/Unix Systems - Andrew Griffiths
VoIP Security Issues - Hendrik Scolz
Exploiting Embedded System - Barnaby Jack
Reverse Engineering Microsoft Binaries - Alexander Sotirov
Feeding Fuzzing - ByteRage
Writing behind a Buffer - Angelo Rosiello
Skeletons in Microsoft Closet - Andre Protas
Binary Analysis; finding secrets in ISAPIs
Yet Another Web Application Testing Toolkit - Fyodor Yarochkin
Oracle Rootkit and Viruses - Alexander Kornbrust
Attacking Microsoft Vista - Joanna Rutkowska


For more information, please visit
http://www.syscan.org
Previous By Date Next
Previous By Thread Next

Current thread: