L33tdawg: Video of their talk from #HITB2013AMS is available on YouTube.Products frequently follow a trajectory from customized prototypes to mass-produced goods, and -- when the market matures --... read more
Featured Slideshow
RSA
RSA's SecurID breach linked to China, researcher says
Submitted by l33tdawg on Thu, 2011-08-04 00:47
The breach of RSA, the security division of EMC, last spring in which sensitive information related to RSA SecurID tokens was stolen, can be traced back to an attack originating in China, a security researcher strongly believes based on a close look into malware associated with the RSA breach.
- Read more about RSA's SecurID breach linked to China, researcher says
- Log in or register to post comments
- 1856 reads
SecurID users targeted by fake NSA email
Submitted by l33tdawg on Mon, 2011-07-25 23:40
RSA's SecurID token users have recently been targeted with fake emails supposedly coming from the US National Security Agency urging them to update their token code.
The address from which the emails are sent has been spoofed and says "protection@nsa.security.gov", but the offered malicious links take the victim to the national-security-agency.com domain, which according to Cyveillance, has been registered only the day before the spam run was started.
- Read more about SecurID users targeted by fake NSA email
- Log in or register to post comments
- 1037 reads
Symantec scraps RSA tokens
Submitted by l33tdawg on Fri, 2011-07-08 09:01
Symantec has begun to replace its global fleet of RSA SecurID tokens following its acquisition of VeriSign's Authentication Services last year.
The swap comes in the wake of the high-profile breach of RSA tokens in March, although the company said it already had planned to "eat its own cookie" and dump RSA for Versign's Public Key Infrastructure platform.
- Read more about Symantec scraps RSA tokens
- Log in or register to post comments
- 2305 reads
Is it time for RSA to open up about SecurID hack?
Submitted by l33tdawg on Sat, 2011-06-11 07:04
For any company that makes its living selling security, it's a nightmare come true. This week, RSA Security admitted that hackers who broke into its network three months ago had stolen information about its SecurID tokens and then used that information to attack a customer, Lockheed Martin.
- Read more about Is it time for RSA to open up about SecurID hack?
- Log in or register to post comments
- 1266 reads
Dan Kamsinky On The RSA SecurID Compromise
Submitted by l33tdawg on Fri, 2011-06-10 15:57
Authentication failures are getting us owned. Our standard technology for auth, passwords, fail repeatedly — but their raw simplicity compared to competing solutions drives their continued use. SecurID is the most successful post-password technology, with over 40 million deployed devices. It achieved its success by emulating passwords as closely as possible. This involved generating key material at RSA’s factory, a necessary step that nonetheless created the circumstances that allowed a third party compromise at RSA to affect customers like Lockheed Martin.
- Read more about Dan Kamsinky On The RSA SecurID Compromise
- Log in or register to post comments
- 2463 reads