WebApp Sec mailing list archives

Mitm new?

From: "Jeff Robertson" <jeff.robertson () digitalinsight com>
Date: Mon, 14 Aug 2006 13:52:46 -0400

Why are man-in-the-middle phishing sites suddenly talked about as a
"new" threat, as if there was rocket science involved?

For instance
http://blog.washingtonpost.com/securityfix/2006/07/citibank_phish_spoofs
_2factor_1.html

These things are basically proxies, which are as old as the web. Why
does it surprise anyone to see these combined with phishing? (Then
again, I still haven't figured out why phishing as we know it didn't
"take off" circa 1994)

Jeff Robertson
Manager of Web Application Security
Digital Insight

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire was recently named the worldwide market leader in Web
application security assessment tools by both Gartner and IDC.
Download a free trial of AppScan today and see why more customers choose
AppScan then any other solution. Try it today!

https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB
--------------------------------------------------------------------------

Current thread:

Mitm new? Jeff Robertson (Aug 16)
- Re: Mitm new? Rogan Dawes (Aug 18)
- Re: Mitm new? mikeiscool (Aug 18)
- Re: Mitm new? Nick Owen (Aug 18)
- <Possible follow-ups>
- Re: Mitm new? ROB DIXON (Aug 18)