Blog Posts Tagged with "RSA"
Training for RSAC
February 03, 2013 Added by:Wendy Nather
Yes, I'm getting ready for the RSA Conference next month in San Francisco. RSA is a particularly brutal week for those in my line of work. In order to get ready for this challenge, I've been doing the following exercises, which you may want to try as well...
Comments (0)
ICS-CERT: Key Management Errors in RuggedCom’s ROS
August 23, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a report of hard-coded RSA SSL private key within RuggedCom’s Rugged Operating System (ROS). The vulnerability with proof-of-concept (PoC) exploit code by security researcher Justin W. Clarke can be used to decrypt SSL traffic between an end user and a RuggedCom network device...
Comments (0)
Citadel Malware May Be Coming Off the Open Market
July 03, 2012 Added by:Headlines
"With law enforcement hot on their heels, developers of the Citadel Trojan... dropped the bomb. The team’s spokesman declared that very soon their “software” will no longer be publicly available through the underground venues where the team has traditionally marketed and sold Citadel..."
Comments (0)
RSA: Claims of SecurID 800 Token Crack are Whack
June 27, 2012 Added by:Headlines
"RSA has received many inquiries, press pickups, blog entries, and tweets regarding an alleged crack by researchers of the RSA SecurID 800 authenticator... an alarming claim and should rightly concern customers who have deployed the RSA SecurID 800 authenticator. The only problem is that it’s not true..."
Comments (0)
Researchers Crack RSA SecurID Tokens, Extract Keys
June 25, 2012 Added by:Headlines
"[These products are] designed specifically to deal with the case where somebody gets physical access to it or takes control of a computer that has access to it... Here, if the malware is very smart, it can actually extract the keys out of the token.That's why it's dangerous"...
Comments (0)
A Meandering Rant on Sexism in Security
May 22, 2012 Added by:Jack Daniel
The depressing “booth babe” situation is an ongoing embarrassment. In the right contexts, I have nothing against attractive people, fast cars, or other things normally used to sell cheap beer - I just don’t believe that tech and security events are the correct contexts...
Comments (2)
Infosec Island Seeks Industry Partners for Security Conferences
May 07, 2012 Added by:Infosec Island Admin
Through a combination of custom content publication that features products and services, video interviews with company personnel onsite, and traditional banner ad campaigns, organizations can better leverage the impact of attendance and participation at key industry events...
Comments (0)
New Release of COREvidence Multi-Engine Vulnerability Service at RSA Conference
March 29, 2012 Added by:Nabil Ouchn
This newest release comes with a bunch of new features and concepts. The dashboard has been designated to display clear and specific data for our users. At a glance customers can determine the assets with the least secure status. All relevant information is at your fingertips...
Comments (0)
A Post BSidesSF and RSA Post
March 15, 2012 Added by:Jack Daniel
The RSA Conference was the RSA Conference. It was better than the past few years as far as content. It is not the place for cutting edge research, and the expo is all about selling security products. It can be disillusioning to see the crass commercial side of our business...
Comments (1)
On Hacking Humans at the RSA Conference
March 06, 2012 Added by:
RSA was a veritable cornucopia of data collection. There were no firewalls, human IDS/IPS or content filtering at this show. People openly discussed strategic plans, engineering specs and tactical activities whether over morning coffee or late night shots of Patron...
Comments (2)
Cloud Security Report: The Cloud May Be Safer
March 05, 2012 Added by:alan shimel
This first installment of what promises to be a semi-annual report sheds some real light on the differences between on premises and cloud security environments, and also advances the notion that despite the FUD the cloud may in fact be safer for certain kinds of applications...
Comments (0)
RSA Conference 2012 Wrap-Up
March 04, 2012 Added by:Robb Reck
RSA 2012 is in the books. The crypto-geniuses have gone home and are again working on solving our most challenging technical problems. The rest of us have returned home with some new insights and an improved plan for implementing security in our own little corners of the world...
Comments (0)
Observations from RSA, BSides, and GABA
March 03, 2012 Added by:Joe Weiss
Stuxnet was being discussed by many without understanding the controller aspect. Most vendors were using technologies developed for monitoring IT networks and applying them to the SCADA networks. There were very few vendors that were addressing the field controllers...
Comments (0)
RSA Conference 2012: Day One Highlights
February 28, 2012 Added by:Robb Reck
The biggest key to the success of any security program is achieving goal congruence with the organization. Every security objective should directly support the overall objectives of the company. Security must figure out how our projects contribute to the organization’s success...
Comments (0)
Infosec: Where is Our “Long Tail”?
February 20, 2012 Added by:Dave Shackleford
The “long tail” concept illustrates the subtle, often overlooked 20% market that tends to be more niche. We need those organizations that are desperate to find unusual solutions that are not available at all right now. And we need small startups to provide them...
Comments (2)
Disclosures: How Much Sharing is Too Much?
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
Comments (0)
- 'DarkGate' Campaign Targets Europeans with Multiple Payloads
- Facebook Patches Bug that Exposed Private Information
- A Human-Centered Approach to Building a Smart, Satisfied Information Security Team
- Addressing the CISO’s Key Challenges in 2018 and Beyond with Endpoint Detection and Response
- Fight Fileless Malware on All Fronts
- How to Protect SMBs Against Phishing Attacks via Social Engineering
- DDoS Disruption: Election Attacks
- Buy, Rent, or Uber Your Security Operations Center
- What You Need to Know about the Recent Apache Struts Vulnerability
- Crypto-Mining Malware Attacks on iPhones Up 400%: Report