rsa

News

• Notable quotes from RSA 2012

  With thousands of security experts, vendors and customers turning out for the weeklong RSA Conference in San Francisco once again, how could there not be a few notable quotes? Here are my picks:

• Cyberterrorism threat shouldn't be underestimated, some security experts say

  Concern about cyberterrorism was evident this week among security experts at the RSA security conference in San Francisco, who find that some people with extremist views have the technical knowledge that could be used to hack into systems.

• How to catch an Internet cyber thief

  They're out there, says security researchers: the Chinese hackers attempting to break into U.S. enterprises, and jihadist terrorists that brazenly post videos of sniper killings, while stealing credit-cards to launder money for funding nefarious campaigns in Mideast or Caucasus hot spots.

• Security experts debate if markets or legal liability will ensure secure software

  Consumer desire for unnecessary features has encouraged the development of insecure and unreliable software products, said Tenable Network Security CSO Marcus Ranum, during a debate on Wednesday about software liability at the RSA security conference in San Francisco.

• More than half of organizations take months or years to discover a breach, Verizon says

  Over 90 percent of data breaches are the result of external attacks and almost 60 percent of organizations discovered them months or years later, Verizon said in a report released at the RSA security conference on Wednesday.

• National Security Agency defines smartphone strategy: Think Android (maybe)

  America's intelligence agency, the National Security Agency (NSA), today disclosed how it's going to handle mobile security.

• Alleged RSA crypto flaw hotly debated

  Is the RSA cryptosystem flawed or is the recent sharp criticism of it the result of poor — or even malicious — implementation of key-generation techniques that appear to have rendered some RSA-based encryption keys crackable?

• Malware increasingly uses DNS as command and control channel to avoid detection, experts say

  The number of malware threats that receive instructions from attackers through DNS is expected to increase, and most companies are not currently scanning for such activity on their networks, security experts said at the RSA Conference 2012 on Tuesday.

• Secunia: We don't know how vendors will react to our repackaging their updates

  Security firm Secunia expects a reaction from vendors as it plans to repackage security updates for hundreds of applications into its own proprietary installer and deliver them through the new version of Personal Software Inspector (PSI).

• Cisco takes first step in delivering on SecureX vision

  A year Cisco put forward its vision called SecureX about how it would devise ways that its network products, first its firewalls, would be able to capture information related to user devices, especially tablets and smartphones, to exert context-based security control. Today, Cisco took the first step to deliver on that vision while acknowledging more needs to be done.

• RSA teams to bolster security for Apple, Google, RIM devices

  SAN FRANCISCO -- RSA, the security division of EMC, today said it would collaborate with several mobile and virtualization platform vendors to integrate RSA two-factor authentication and risk-detection technologies.

• RSA Conference: Symantec inaugurates O3 cloud-based single sign-on service

  At the RSA Conference Tuesday, Symantec announced general availability of its O3 cloud-based single sign-on (SSO) and authentication service, which adheres to a concept company CEO Enrique Salem outlined exactly a year ago at RSA 2011. Symantec also provided detail on future capabilities the O3 cloud service will have for data-loss prevention and encryption.

• Malware authors expand use of domain generation algorithms to evade detection

  Malware authors are increasingly adopting flexible domain generation algorithms (DGAs) in order to evade detection and prevent their botnets from being shut down by security researchers or law enforcement agencies.

• HP rolling security products at RSA Conference

  At the RSA Conference that starts today, HP is introducing a number of products, starting with a risk-management tool for gaining visibility about IT assets, operations, vulnerabilities and threats in order to provide a "risk score" and, if needed, prioritized remediation.

• CA links data-loss prevention to identify management for SharePoint file protection

  At the RSA Conference today, CA Technologies put forward product plans for linking its data-loss prevention (DLP) technology with its identity access and management to dynamically restrict individuals from accessing information deemed off limits -- in this case, data held in Microsoft SharePoint.