[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System
From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 25 Nov 2009 02:03:53 +1300

Thierry Zoller wrote:

<<snip>>
> For  sake  of  allowing  proper risk  assessment by technically less
> trained persons - one should coin a better term than classical mitm -
> but maybe I am mistaken? what about MITMa (man in the machine)

In my experience, "Man in the Browser" (or MitB) is the phrase that 
this is commonly known as in the anti-malware and phishing communities 
(regardless that some of the components involved are not "in the 
browser", per se, at all).

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System
  - From: RedTeam Pentesting GmbH
- Re: [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System
  - From: Thierry Zoller

Prev by Date: Re: [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System
Next by Date: [Full-disclosure] [USN-861-1] libvorbis vulnerabilities
Previous by thread: Re: [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System
Next by thread: Re: [Full-disclosure] New Paper: MitM Attacks against the chipTAN comfort Online Banking System
Index(es):
- Date
- Thread