Latest from the Blog

Protectoria and Prosa Securities in the Norwegian financial press 

Protectoria has recently launched our latest solution for PSD2 compliant authentication on one device only. Our solution (PSMP) has been through a security evaluation by a German security evaluation company (SRC). In the process of developing and preparing this software Prosa Securities has proven a valuable partner, offering in-depth tools for analyzing the strength and [...]

The threat of insecure networked devices

For more than a decade, criminals have been hacking into large number of Internet-connected devices in order to further their goals. They then connect them into a network commonly known as a botnet, which allows them to control large numbers of devices. The word botnet is a combination of the words robot and network. Originally, [...]

New social engineering methods used by the AceKard Trojan

The AceKard Trojan has become one of the major worldwide threats against banks all over the world. First being detected in January 2014 it originally attacked banking users only in Russia, but currently users in Europe, USA and Australia are also being attacked. The modus operandi of AceKard was originally like other strands of malware: [...]

Systemic cyber security risks ahead on critical infrastructures

This month a report released by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) revealed how vulnerable Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition Systems (SCADA) really are. Even though these systems were never built for running on computers connected to open networks, they are now more and more often being [...]

Did you know that there are striking similarities between old-school banking culture and the poor leadership that ultimately caused the Kodak moment?

We at Protectoria want every banking manager to read the attached analysis on how and why the poor Kodak leadership led to the company's bankruptcy. The Kodak moment is a lesson everybody should learn. Kodak went from being the fifth most valued brand worldwide in 1996 to bankruptcy in 2012. Reading the analysis, you will [...]

A new world record on Distributed Denial of Service (DDoS) attacks was set last week, reaching over one terabit per second (1 Tbps)

“Internet of Things (IoTs) -powered DDoS attacks have now reached an unprecedented size, as it is too easy for hackers to gain control of poorly configured, or vulnerable, IoT devices. Late last year, we reported that lazy manufacturers of the IoTs and home routers are reusing the same set of hard-coded SSH (Secure Shell) cryptographic [...]

Super user level malware: an upcoming threat

It might come as a surprise to those who follow computer security news that the security vulnerabilities that get the most attention in the media, such as Stagefright, Quadrooter and the Trident iOS exploits,  are, in fact, rarely used for banking fraud. What they do is give an attacker so-called root or superuser level access, [...]

Qadar banking malware stayed under the radar for 3 years, according to IBM

The operators of the Qadar banking malware have attacked banks worldwide for 3 years, continuously adapting their defences against detection with more and more sophistication. 18 UK banks have been attacked since August 2016. Losses are not disclosed. IBM states: “…this Trojan has been flying under the radar for over three years, attacking banks in [...]

Just view a picture on an Android phone and get 100% hacked

900 million phones are systematically open for this hack, called Quadrooter, which was detected in early August 2016. The toxic effect of this attack is that it is providing the hacker a 100% remote takeover with root-access over the operating system. At this position the hacker can steal and manipulate everything, including financial transactions and gain [...]

What the Trident iOS exploits reveal about future mobile security challenges

On August 24th 2016, Apple released a security update for iOS devices which addressed a trio of vulnerabilities that has become known as Trident. The backstory for this patch is interesting: A human rights activist in Saudi Arabia, Ahmed Mansoor, received a suspicious text message promising new information on torture in the United Arab Emirates. [...]