Skip to main content

RSA

RSA to focus on mobile threats and Pegasus cloud security

posted onJanuary 20, 2012
by l33tdawg

RSA Security executives have outlined the company's 2012 product strategy, focusing on mobility, anti-threat and cloud security.

Earlier this week RSA executive chairman Art Coviello revealed that following the attack that compromised RSA SecurID tokens last year, the company has been sought after by others who do not want such an incident to happen to them.

Windows 8 picture security just a toy, claims RSA SecurID inventor

posted onDecember 23, 2011
by l33tdawg

The Windows 8 feature that logs users in if they touch certain points in a photo in the right order might be fun, but it's not very good security, according to the inventor of RSA's SecurID token.

"I think it's cute," says Kenneth Weiss, who now runs a three-factor authentication business called Universal Secure Registry. "I don't think it's serious security."

Top 10 Influential 2011: RSA's advanced persistent threat

posted onDecember 7, 2011
by l33tdawg

While the repeated hacking of Sony's PlayStation Network service grabbed mainstream media attention this year, an even more surprising compromise was being played out with RSA's SecurID tokens, earning it a place in the Top 10 Influential list for 2011. The drama began on 18 March 2011 when security vendor RSA discovered it had been hit by an advanced persistent threat (APT) from an undisclosed nation state which took all the information stored on its SecurID tokens.

RSA Breach: Eight Months Later

posted onNovember 16, 2011
by l33tdawg

More than eight months after the RSA SecurID breach bombshell was dropped on the industry, security professionals still whisper among themselves at the long-term ramifications of what RSA called the extraction of "information related to the RSA SecurID product." To this day, RSA still won't confirm what exactly was stolen from its systems, but speculation has run high that the token seeds were compromised in some way.

RSA Extends Reach Of SecurID To Microsoft Cloud

posted onNovember 8, 2011
by l33tdawg

Microsoft has integrated RSA's SecurID multiple authentication technology with Active Directory Federation Services, which lets companies extend identity data from the directory service to the cloud.

While ADFS provides user name and password services, RSA's technology goes several steps further by adding another layer of user authentication by way of a hardware or software token that generates an identifying code every 60 seconds.

RSA SecurID token attack hits Australian companies

posted onOctober 28, 2011
by l33tdawg

The aftermath of the RSA SecurID token attack which occurred in March and led to the replacement of thousands of tokens, has continued with the revelation that customers of Australian Internet service providers, including Telstra and iiNet, may have been compromised.

This was because hackers used the same command and control techniques that infiltrated RSA to target 760 companies around the world.

RSA questions whether cybersecurity awareness month is working

posted onOctober 28, 2011
by l33tdawg

October is designated as cybersecurity awareness month but, according to this month's fraud report from RSA, you'd be hard pressed to say that the message on IT security is getting across, as the firm has just thwarted its 500,000th phishing attack against one of its client's systems.

According to the report, during the month, phishing attacks rose by 45%, hitting an all-time high of 38,970 in September. The increase, says the security firm, is largely attributed to repeated attacks on a handful of large financial institutions.

RSA Attackers May Have Hit 760 Other Organizations With Similar Malware

posted onOctober 25, 2011
by l33tdawg

The malware used to compromise RSA Security earlier this year may have been used in attacks against more than 700 other organizations, according to a report by security writer and analyst Brian Krebs.

Facebook, Google and eBay are among the 760 organizations that may have been hit by malware that used the same command and control infrastructure as the one used in the RSA breach, security writer Brian Krebs wrote on Krebs On Security on Oct. 24. Of the total list, about 20 percent are considered to be Fortune 100 companies.