Articles about rsa

Gold robot photo via Shutterstock

I, Robot? Aiiiee, ROBOT! RSA TLS crypto attack pwns Facebook, PayPal, 27 of 100 top domains

A 19-year-old vulnerability in the TLS network security protocol has been found in the software of at least eight IT vendors and open-source projects – and the bug could allow an attacker to decrypt encrypted communications. Identified by security researchers Hanno Böck, Juraj Somorovsky of Ruhr-Universität Bochum/Hackmanit, …
Thomas Claburn, 13 Dec 2017

RSA coughs to critical-rated bug in its authentication SDK

RSA developers and admins have been given two critical-level authentication bugs to patch. For the sysadmin, the issue struck RSA's software providing Web-based authentication for Apache. CVE-2017-14377 is an authentication bypass that existed because of an “input validation flaw in RSA Authentication Agent for Web for Apache …
panic

F5 DROWNing, not waving, in crypto fail

If you're an F5 BIG-IP sysadmin, get patching: there's a bug in the company's RSA implementation that can give an attacker access to encrypted messages. As the CVE assignment stated: “a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) …

Never mind the WPA2 drama... Details emerge of TPM key cockup that hits tonnes of devices

RSA keys produced by smartcards, security tokens, laptops, and other devices using cryptography chips made by Infineon Technologies are weak and crackable – and should be regenerated with stronger algorithms. In short, Infineon TPMs – aka trusted platform modules – are used in countless computers and gadgets to generate RSA …
John Leyden, 16 Oct 2017
Man with megaphone

This is the Dell security team. We have you surrounded. Come out with a purchase order

Security buyers: Dell's got you surrounded. Come out with a purchase order, buy security software, and we can bring this to a peaceful ending. That appears to be the plan for integrating RSA and Dell, based on interviews The Register has conducted with RSA execs at the company's Asian conference in Singapore. We wanted to …
Simon Sharwood, 28 Jul 2017
burglar

A vendor that doesn’t think AI and ML will fix security? We found one!

Machine learning and artificial intelligence will improve security technologies and outcomes, but “won’t move the needle as much as people think”, according to RSA chief technology officer Zulfikar Ramzan. Speaking to The Register at the company’s Asian conference in Singapore today, Ramzan said that while AI and ML will …
Simon Sharwood, 26 Jul 2017

RSA SecurID admin console can issue emergency access to decent social engineers

Stop us if you've heard this one: an emergency access feature offered by RSA for SecurID token customers isn't completely secure. That's the opinion of pentest outfit Netspi, whose Alexander Leary worked out how to abuse the SecurID Emergency Access Tokencodes (EAT). The use-once codes are intended to provide a temporary …

Boffins show Intel's SGX can leak crypto keys

A researcher who in January helped highlight possible flaws in Intel's Software Guard Extensions' input-output protection is back, this time with malware running inside a protected SGX enclave. Instead of protecting the system, Samuel Weiser and four collaborators of Austria's Graz University of Technology write that the proof …
ISIS

Don’t panic over cyber-terrorism: Daesh-bags still at script kiddie level

RSA USA There’s no need to panic about the threat of a major online terrorist attack, since ISIS and their allies are all talk and no trousers. That's according to the former head of the US National Counterterrorism Center. Matt Olsen, who has also served as the NSA’s top lawyer, told the RSA security conference today that the levels …
Iain Thomson, 16 Feb 2017
Eric Schmidt

THE SCHMIDT HITS THE BAN: Keep your gloves off AI, military top brass

RSA USA Alphabet exec chairman Eric Schmidt is worried that the future of the internet is going to be under threat once the world’s militaries get good at artificial intelligence. Speaking at the RSA security conference in San Francisco, Google's ultimate supremo said he is worried the internet will be balkanized if countries lock …
Iain Thomson, 16 Feb 2017

Revealed: Web servers used by disk-nuking Shamoon cyberweapon

A detailed analysis of the Shamoon malware – which is playing a huge role in the cyberwar between Saudi Arabia and Iran – has identified servers used to spread the software nasty. Shamoon surfaced in 2012 when it infected 30,000 workstations in the world’s largest oil production firm, Saudi Aramco, wiped their hard drives, and …
Iain Thomson, 16 Feb 2017

You know IoT security is bad when libertarians call for strict regulation

RSA USA We all know the vast majority of Internet-of-Things devices haven’t anything more than a fig leaf for protection. Now the unlikeliest of folks are calling for rules to improve IoT security: libertarians. In a session today at the RSA infosec conference in San Francisco, Olaf Kolkman, the Internet Society’s chief internet …
Iain Thomson, 15 Feb 2017
RSA

Forget quantum and AI security hype, just write bug-free code, dammit

RSA USA Every year, the RSA Conference in San Francisco brings out the best and the brightest for its crypto panel, and the view from the floor was simple. Ignore the fads and hyped technology, and concentrate on the basics: good, clean, secure programming. The panelists were unimpressed with recent moves to build artificially …
Iain Thomson, 15 Feb 2017
Adrian Ludwig

Google claims ‘massive’ Stagefright Android bug had 'sod all effect'

RSA USA Despite shrill wailings by computer security experts over vulnerabilities in Android, Google claims very, very few of people have ever suffered at the hands of its bugs. Speaking at the RSA security conference in San Francisco on Tuesday, Adrian Ludwig, director of Android security, said the Stagefright hole – which prompted …
Iain Thomson, 15 Feb 2017

'We need a new Geneva Convention to protect all citizens from snoops'

RSA USA In 1949, the world’s nations came together to sign the Geneva Conventions, according respect in times of war to civilians, soldiers incapable of fighting, and prisoners of war. Now we need to go back and do the same for civilians caught up in online conflict, according to Microsoft. In a keynote at this year's RSA USA …
Iain Thomson, 14 Feb 2017
Michael McCaul

No crypto backdoors, more immigration ... says Republican head of House Committee on Homeland Security

RSA USA Representative Michael McCaul (R-TX), head of the US House Committee on Homeland Security, seemed a tad off-message today at the RSA USA security conference. He told an audience in San Francisco this morning that his committee had examined proposals to demand mandatory backdoors in encryption products and software to help …
Iain Thomson, 14 Feb 2017
The hit augmented reality smartphone app "Pokemon GO" shows a Pokemon encounter overlain on a real world trail in the forest in Santa Cruz, California. Photo by Matthew Corley for Shutterstock. EDITORIAL USE ONLY!.

I don't like Mondays, Pokemon, Twitter or Facebook – Sir Bob Geldof

RSA Asia Activist pop star Sir Bob Geldof hates Pokemon Go, Facebook and Twitter, has never bought anything online, and uses a Nokia 3100 which he says avoids the need for mobile security. Sir Geldof Sir Bob and his Nokia relic. The muso and Irish punk-now-pop icon took aim at the meaningless obsessions of the modern world during a …
Darren Pauli, 25 Jul 2016
Image by KYTan http://www.shutterstock.com/gallery-1088876p1.html

Asian nations mull regional 'Europol' in fight against cybercrime

RSA APAC A closed-door meeting of cabinet ministers from more than a dozen countries met yesterday to mull the creation of a Europol-style organisation to crack down on cyber crime in the region and abroad, The Register has learned. The Asian organisation is conceptual only, but has support from countries including China, Malaysia, …
Darren Pauli, 21 Jul 2016

Create a news alert about rsa, or find more stories about rsa.

Biting the hand that feeds IT © 1998–2018