Does Your Threat Model Consider Country and Culture?
A Case Study of Brazilian Internet Banking Security to Show That It Should!
Every attack has a story. Uncovering these stories is essential to identify the gaps that allowed the attack to occur and the countermeasures to prevent it from happening again. Over time, many security players tried to model these gaps and countermeasures in their threat models, but all these attempts present the same drawback: they generalize everything! However, not every threat is global.
https://www.usenix.org/conference/enigma2021/presentation/botacin
#presentation #study #threadmodel #security #countermeasures
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
A Case Study of Brazilian Internet Banking Security to Show That It Should!
Every attack has a story. Uncovering these stories is essential to identify the gaps that allowed the attack to occur and the countermeasures to prevent it from happening again. Over time, many security players tried to model these gaps and countermeasures in their threat models, but all these attempts present the same drawback: they generalize everything! However, not every threat is global.
https://www.usenix.org/conference/enigma2021/presentation/botacin
#presentation #study #threadmodel #security #countermeasures
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag