Skip to main content

RSA

RSA Spearphish Attack May Have Hit US Defense Organizations

posted onSeptember 9, 2011
by l33tdawg

The hackers who broke into EMC's RSA Security division last March used the same attack code to try to break into several other companies, including two U.S. national security organizations, according to data provided by the VirusTotal website.

"According to our data, RSA was just one of the targets," said Bernardo Quintero, the founder of malware analysis site VirusTotal. Attackers "used the same malware to try to penetrate other networks," he said in an email interview.

Leaked RSA data points to Sino-cyber espionage ring

posted onAugust 19, 2011
by l33tdawg

A massive Pastebin dump of domain names and IP addresses supposedly linked to a cyber espionage ring appears to be the real deal.

The Pastebin dump, dated August 15, lists around 850 entries containing domain names and IP addresses, supposedly leaked by "RSA Employee #15666". The dump asserts the IP addresses and domain names listed are used in command and control operations by a cyber-espionage ring.

Assume you're next: RSA

posted onAugust 5, 2011
by l33tdawg
Credit:

Companies need to reconsider their security focus to concentrate on dealing with hackers once they're in, rather than assuming that they can always keep them out, according to Australia and New Zealand RSA general manager Andy Solterbeck, sending the message that if it happened to them, it could happen to anyone.

SecurID users targeted by fake NSA email

posted onJuly 25, 2011
by l33tdawg

RSA's SecurID token users have recently been targeted with fake emails supposedly coming from the US National Security Agency urging them to update their token code.

The address from which the emails are sent has been spoofed and says "protection@nsa.security.gov", but the offered malicious links take the victim to the national-security-agency.com domain, which according to Cyveillance, has been registered only the day before the spam run was started.

Symantec scraps RSA tokens

posted onJuly 8, 2011
by l33tdawg

Symantec has begun to replace its global fleet of RSA SecurID tokens following its acquisition of VeriSign's Authentication Services last year.

The swap comes in the wake of the high-profile breach of RSA tokens in March, although the company said it already had planned to "eat its own cookie" and  dump RSA for Versign's Public Key Infrastructure platform.