RSA
Global Secure Systems are one of the UK's premier IT Security providers. Our mission is to be "the Best IT Security Organisation within the UK and beyond." We achieve this by providing both the best service and support for RSA, alongside our range of 'best in class' security tools.
Global Secure Systems can cater for all of your RSA requirements. For the latest information on RSA click on your choice from the links below
About RSA
RSA is the premier provider of security solutions for business acceleration. As the chosen security partner of more than 90 percent of the Fortune 500, RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges.
In September 2006, after over 20 years providing leadership to the security industry, RSA Security joined forces with EMC Corporation and Network Intelligence to form the Security Division of EMC. Driving this merger is the recognition that customer needs have changed, and traditional approaches to information security are no longer sufficient. Increasingly, what should be your most important company asset-information-is your greatest liability.
In response, RSA is ushering in a new information-centric approach to security that will empower leading companies worldwide to address these challenges and move ahead with the confidence to compete and win in today's marketplace. Fueling our mission is the passionate belief that security should be about lifting business limitations, not imposing them.
An Information-centric Approach to Security
Enterprises are now global, virtual and dependent on dynamic information access. By nature, digital information is in constant motion throughout its lifecycle, often leaving the secured network perimeter via laptops, PDAs, email and backup tapes. In this shifting landscape, the battlefront in security is rapidly changing from securing the perimeter to protecting the information itself. RSA is responding to this need with an information-centric approach to security that guards the integrity and confidentiality of information throughout its lifecycle-no matter where it moves, who accesses it or how it is used. With information-centric security, organizations can be confident their information assets are protected, freeing them to explore new models, markets, partnerships and innovations.
Wide Range of Solutions
RSA's technology, business and industry solutions-coupled with professional services and third-party strategic partnerships-help customers put critical information into the hands of the people who need it, while protecting that information against unauthorized access.
Meeting Compliance
Organizations worldwide face an avalanche of regulatory mandates and recommendations, which require more holistic protection of identities and information, and the ability to audit security information to demonstrate compliance. As the list of regulatory mandates and recommendations grows, customers have turned to RSA for solutions that let them leverage investments now-and in the future.
Commitment to Interoperability
RSA has over 1,000 strategic partnerships with industry-leading companies that enable us to integrate our solutions into many diverse environments. Our partner network reads like a "who's who" list of industry powerhouses, including global integrators like Accenture® and platform vendors such as Microsoft®. The RSA SecuredTM technology partner program focuses on product integration and interoperability certification activities as well as joint support strategies for our mutual customers.
Standards Development
RSA plays an active leadership role in standards development initiatives-such as Liberty Alliance, OASIS, IETF and WS-Security-to ensure the technical superiority and interoperability of our solutions. Our current products support a multitude of standards, including PKCS, RADIUS and SAML.
Worldwide Service and Support
With support offices around the world, RSA provides customers with timely responses to their requests and inquiries. RSA offers expert advice and quick answers to keep customers up and running-every minute of every hour of every day-with 24x7 support from offices located around the globe. Additionally, our RSA SecurCare® Online offers customers web-based anytime, anywhere access to critical support information.
RSA Products
RSA SecurID® hardware tokens provide "hacker-resistant" two-factor authentication, resulting in easy-to-use and effective user identification. Based on RSA’s patented time synchronization technology, this authentication device generates a simple, one-time authentication code that changes every 60 seconds.
Used in combination with RSA SecurID authenticators, the RSA SecurID Appliance is designed to validate the identities of users by requiring the user to present a PIN (something they know) along with their token code (something they have) before granting access to valuable network resources.
RSA enVision™ technology is an information management platform for comprehensive and efficient transformation of event data into actionable compliance and security intelligence. RSA – The Security Division of EMC – pioneered security information and event management (SIEM), which has become a necessity for any company with operation-critical IT infrastructure and accountability to compliance standards. The most accurate analysis and verifiable compliance requires thorough data gathering. The RSA enVision Platform has been proven to efficiently collect and protect All the Data™ from any IP device, in computing environments of any size, without filtering and without the need to deploy agents.
Lumension Enterprise Reporting™ is a fully customisable, centralised business intelligence solution that enables organisations to consolidate,centrally manage and analyse vulnerability and configuration data across the enterprise, assess business risk through powerful and granular data vulnerability analysis and Demonstrate security policy and regulatory compliance status through flexible, customised vulnerability and security reporting.
The RA510 Series of rack-mountable proxy appliances provides small to mid-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.
The RA8100 Series of rack-mountable proxy appliances provides large-sized sites with the power to extend remote access to employees, partners, and customers while delivering on demand endpoint security and information protection features.
RSA SecurID from Signify delivers the market leading strong authentication system as a fully managed service. Signify makes it quick, easy and affordable to roll out tokens to all your users and achieve compliance with the most rigorous industry regulations. The standard RSA SecurID token, which displays a new one-time passcode (OTP) every 60 seconds, is ideal for regular users who need simple, secure access from any device, anywhere.
GTA Mobile VPN Client provides the vital ability for remote users to initiate VPN communications with corporate resources. Using VPNs, "road warriors" or telecommuters can safely access corporate networks from unsecured public networks or un-trusted local networks. A VPN Connection can also be used to connect end users that need a secure "end user to host" connection to transmit sensitive information over an intranet. GTA Mobile VPN Client used in conjunction with firewall-to-firewall gateway VPN Connection provides a total IPSec VPN solution. GTA Mobile VPN Client meets IPSec standards.
RSA Product Families
RSA is the premier provider of security solutions for business acceleration. As the chosen security partner of more than 90 percent of the Fortune 500, RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges.
RSA Industry News
No major PCI DSS revision expected in 2010 PCI Security Standards Council general manager Bob Russo said the next revision of the Payment Card Industry Data Security Standard (PCI DSS), due in October, will contain clarifications but no major changes to the standard. "There won't be any surprises," Russo said. "We're more likely to see guidance documents."
Encryption, virtualization and the use of more secure payment terminals are expected to gain more attention. Those topics have been the focu......
[more] How to create secure passwords you can remember Microsoft Chairman Bill Gates declared the password dead. He told his audience that the password can't meet the challenge of keeping sensitive information protected, saying "People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure." That was six years ago at the 2004 RSA Security Conference. Paraphrasing some wisdom from Samuel Clemens, the rumors of the p......
[more] General public more aware of security threats: RSA Reporting on security concerns around social networking sites has led to an increased knowledge of online privacy. A survey by RSA found that consumer awareness of phishing attacks has doubled between 2007 and 2009, and the number of consumers who reported falling prey to this attack increased six times during that same period. In addition, while hundreds of thousands of people join social networking websites each day, the survey exposed that n......
[more] Young facing online fraud risks Young people are most at risk from online fraud, according to two surveys. Those aged between 16 and 24 were the most likely to be defrauded in the UK with the typical theft amounting to £590, said insurance group CPP. A separate global survey by security group RSA found that 35% of those asked felt secure when banking online.
Both polls also found that many relied on their bank to inform them of thefts and highlighted fears about the security of social networkin......
[more] Security fears dog online banking Online banking customers are worried about their financial security but banks are lagging behind, according to a global survey of 4,500 internet users. The survey found security concerned 86 per cent of online banking users, compared to just 68 per cent for users of government web sites and 64 per cent for online health care. Four out of five wanted better protection than a simple password. "Consumers are very much aware of these threats," Seth Geftic, senior m......
[more] Hardware two-factor authentication token still a force Signify CEO defends token technology. Reports about the death of the hardware two-factor authentication have been very premature. Following claims by Goode Intelligence that the mobile authentication market is predicted to grow significantly over the next five years, but with major vendors losing ground to authentication specialists, SMS authentication providers SecurEnvoy further claimed that the trend will mean the death of the hardware to......
[more] H1N1 drives demand for secure remote access The H1N1 pandemic is pushing companies to upgrade their secure remote access capabilities in order to enable more employees to work out of their homes and other remote locations in an emergency. Vendors of remote access technologies are reporting an unexpected increase in demand for their products over the past several months as a result of H1N1-related concerns.
"What companies are really looking for is the ability to provide secure, remote access to......
[more] Amazon's EC2 brings new might to password cracking Forget what you've learned about password security. A simple pass code with nothing more than lower-case letters may be all you need - provided you use 12 characters. That's the conclusion of security consultant David Campbell, who calculated the cost of waging a brute-force attack on various types of passwords using cloud computing services offered by Amazon. Based on hourly fees Amazon charges for its EC2 web service, it would cost more than......
[more] Rogue trader calls for smarter regulation to avert disaster Nick Leeson, the rogue trader who bankrupted a bank before it became fashionable, said that unless the quality of regulation improves, further financial disasters such as the Barings Bank collapse he precipitated are inevitable. Leeson, told journalists at the RSA Europe conference on Thursday that little has changed in the 14 years since his actions resulted in losses in excess of £827m ($1.3bn) and the collapse of Barings in 20......
[more] iPhones and social networking add to IT security headaches The flood of consumer devices such as iPhones into the enterprise and workers giving away snippets of potential sensitive information via social networking sites have emerged as new threats in the information security landscape. During a roundtable at the RSA Conference Europe 2009, in London, Herbert Thompson, chief security strategist at People Security, explained how snippets of information that might by themselves appear unimportant......
[more] Consumers should clean up their act on personal security The growing use of social networking sites is leaving PC inadvertently open to identity thieves warned Hugh Thompson, chief security strategist at People Security. Speaking at the RSA Europe Conference, Thompson said that people were unaware just how many clues they left for fraudsters. He said such carelessness was fuelling the rise of cybercrime. He told the conference about the way he managed to access one of his wife's friend's bank a......
[more] Encryption is becoming more elaborate to ensure confidential business data is kept secret In 1597, Francis Bacon coined the phrase scientia potentia est, “for knowledge itself is power”, and this is as true today as it was then. Bacon could not have foreseen the change that has overtaken information, and business data in particular. Digital information is now one of the cornerstones of business, and never before has so much knowledge been available so easily. However, keeping business secrets ha......
[more] Scammers pose as banks in live chat hack Online scammers have created a phishing site masquerading as a US-based bank that launches a live chat window where victims are tricked into revealing more information, researchers at the RSA FraudAction Research Team said on Wednesday. After a user accesses the phishing site, the chat window messages come through the browser and not via a typical instant messenger application, RSA said in a blog post.
The chat window is displayed if the log-in credentia......
[more] Why malware writers are turning to open source Malware developers are going open source in an effort to make their malicious software more useful to fraudsters. By giving criminal coders free access to malware that steals financial and personal details, the malicious software developers are hoping to expand the capabilities of old Trojans. According to Candid Wüest, threat researcher with security firm Symantec, around 10 per cent of the Trojan market is now open source.
The move to an ope......
[more] Cloud computing faces security storm A storm-front is brewing for cloud computing, writes Paul Zimski, vice-president of market strategy at Lumension. As developers continue to reach towards the sky with insecure infrastructure, the chances for a disastrous squall increase every day. The cloud undoubtedly provides organisations with the opportunity to save money and achieve efficiency, by leveraging virtualisation to centralise applications, storage and platforms into pay-as-you-go, scalable bi......
[more] Trojan zaps banking credentials via IM No longer the province of teens and chat-obsessed netizens, instant messaging is being adopted by a growing number of banking malware applications, which zap pilfered credentials to thieves in real time. The latest entrant is Zeus, a trojan that monitors an infected PC for passwords entered into banking websites and other financial services. Over the past three months, investigators from RSA FraudAction Research Lab have observed the program, which also goe......
[more] Insider risk problem revealed Security experts have turned the notion that so called "malicious insiders" are the biggest cyber security threat for companies on its head. The security vendor RSA revealed that the majority of breaches are actually caused unintentionally by employees. Its survey showed that firms believed 52% of incidents were accidental and 19% were deliberate. "Unintentional risk gets overlooked, yet it's the most serious threat to business," said the RSA's Chris Young......
[more] Want to keep eavesdroppers out? HP researchers think they have the answer Two researchers for HP have created a browser-based darknet, an idea that could make it easier for businesses to keep eavesdroppers from finding out confidential corporate information. Darknets are encrypted peer-to-peer networks normally used to communicate files between closed groups of people. Most darknets require a certain level of technological literacy to set up and maintain, including taking care of the necessary......
[more] Radware, RSA team up to offer protection at network level Radware, a provider of integrated application delivery services for business-smart networking, and RSA, the security division of EMC have entered into partnership to expand an integrated crimeware blocking network designed to provide fraud protection for end users against both information and identity theft as well the spread of malware. Under the partnership, the two companies will build a proactive defense at the network layer to prote......
[more] RSA confirms Nick Leeson as keynote speaker for European conference Rogue trader Nick Leeson has been confirmed as the closing keynote speaker at the tenth annual RSA Conference Europe. In the aftermath of the AIB trading scandal in New York, the collapse of Enron and WorldCom, and most recently the failure of many international banks as a result of the global economic crisis, Nick will provide fascinating insights into the continuing failures of senior and middle management at large corporation......
[more] RSA's Coviello: Cloud computing not secure enough Cloud-based services are being rolled out without enough attention being paid to securing these services and the information they handle. That was the finding of a recent study commissioned by RSA Security. While the report's findings are alarming, there is still time for providers of these services to address the problem, said Art Coviello, executive vice president at EMC and president of RSA Security. The key is to look at security as an integ......
[more] Business technology innovation outstripping security warns RSA Time to take a 'time out' says Diageo CISO Organisations are rolling out new collaboration and communication technology before they have adequate security in place, according to a new report. A survey of 100 top security executives at companies with revenues of $1 billion, for RSA, found that 80 percent of companies are concerned that pressure to cut costs and generate revenue has increased their exposure to security risks. More than......
[more] Conficker.E set to self-destruct next week The latest version of Conficker is set to self-destruct next week according to security researchers. F-Secure, Trend Micro and SecureWorks are among those that believe Conficker.E - first spotted this April and probably created by the same attackers that since last fall let loose the Conficker.A through Conficker.C variants - has been designed to simply self-detonate on 5 May. "It will simply self-destruct," said Mikko Hypponen, chief researc......
[more] Hackers targeting human/machine interfaces Better security technology means that hackers are focusing more on the point where humans meet machines in their efforts to penetrate systems, an IBM security expert has said. In his keynote to the RSA 2009 conference, Brian Truskowski, general manager of IBM's Internet Security Systems (ISS) business, told delegates that despite all the improvements in security technology the human element was still the key weakness in any system.“We need to adm......
[more] Bank phishing fraudsters learn to spell Phishers aiming to defraud banks have raised their game - and at the very least have learned to spell - according to the banking executives tasked with stopping them. According to David Shroyer, Bank of America senior vice president of online security and enrolment, the attacks fraudsters are targeting at financial services organisations are continuing to develop. For example, fraudsters are now building phishing sites with malware embedded in them which......
[more] Layer up for security, say RSA experts A panel of network security experts have warned administrators to steer clear of so-called 'magic bullet' offerings. The group spoke to a crowd at this week's RSA conference on the virtues of using multiple security solutions and pursuing a 'defence in depth' philosophy for securing their networks. The system calls for adding multiple levels of security throughout the network, both to prevent intrusion and secure data within the network. Rather than relyin......
[more] Cryptography experts debate cloud-computing risks A group of pioneers in the security field, whose work in encryption is used to protect internet data and communications every day, spoke about the state of security at a cryptographer's panel at the RSA security conference in San Francisco on Tuesday. They tackled various questions about cybersecurity in general, but the topic that dominated was cloud computing. "Cloud computing is a challenge to security, but one that can be overc......
[more] When IT security becomes a gothic horror story The RSA Conference in San Francisco, the big annual get together for the great and the good of corporate IT security, is just getting under way - and I'll be reporting from it all this week. One of the nice quirks of the event is that each year it chooses an historical theme around IT security - this year the focus is on Edgar Allan Poe. Poe was fascinated by cryptography, often concealing hidden messages in his works, and even once challenged his......
[more] Cloud Security Alliance formed to promote best practices A group calling itself the Cloud Security Alliance announced its formation Tuesday, with eBay and ING as founding members. The alliance, which plans to make its first big splash at the upcoming RSA Conference, was formed to promote security best practices in a cloud computing environment. The on-demand cloud computing model is putting new demand on security, according to statements from Dave Cullinane, CISO at eBay. "The very nature......
[more] Enterprises still neglecting WLAN security Most European enterprises are neglecting their wireless LAN security, with an alarming number using only the most basic security protection for their wireless networks. So discovered a Motorola survey carried out by Vanson Bourne, which found that over half (65 percent) of large European companies use the same security measures for both wired and wireless networks, when in reality, they need different handling. The survey questioned 400 IT directors at......
[more] Phishers launch multi-platform IM attack Users of internet chat services such as Google Chat have been hit by a major phishing attack aimed at stealing account log-in details, security researchers have warned. The unsolicited instant messages urge users to click on a TinyURL link to watch a video, but the link takes them to a site called ViddyHo which asks them to fill in user names and passwords. The phishers can then use these details to hack into user accounts and send more malicious links.......
[more] Cloud security fears are overblown, some say It may sound like heresy to say it, but it's possible to worry a little too much about security in cloud computing environments, speakers at IDC's Cloud Computing Forum said on Wednesday. Security is the number-one concern cited by IT managers when they think about cloud deployments, followed by performance, availability, and the ability to integrate cloud services with in-house IT, according to IDC's research.Keeping data secure is critical, of cou......
[more] Four in 10 phishing scams end up in Blighty's inbox The UK suffered the greatest number of phishing attacks globally last year as criminals used UK banks as bait for unwary consumers. A total of 135,426 phishing attacks were detected across the world in 2008, 40 per cent of which were aimed at the UK, security firm RSA has found. According to a report by the company, the UK underwent a "marked increase" in phishing attacks as "a result of several massive surges of attacks against......
[more] Security experts offer downturn survival tips Ten of the world's top global IT security chiefs have outlined how security leaders can cope with the increasing pressure of the current economic downturn, and build and manage efficient security programmes. Driving Fast and Forward is the third report from the Security for Business Innovation Council, an advisory body sponsored by information security firm RSA Security. Best practice advice given by the council includes having a security team that......
[more] Managing security in bad times: CISOs speak out The global economic downturn is making everyone's jobs harder, and IT security executives are in the hot seat too, struggling to hold on to budgets and align IT security projects with business needs amid cost-cutting. Ten of these top-level security managers, including those from eBay, Time Warner, Cigna, Novartis and Motorola, shared their thoughts on coping, in a new report titled "Driving Fast and Forward: Managing Information Security for......
[more] Corporate Data: In the vault Financial institutions must go to great lengths when it comes to protecting information, whether that information resides in-house or is accessible to its customers online. To achieve these goals, these organisations must adopt new technologies, ramp up online banking options, and deal with employee turnover. That's why these firms continually need to review the security measures in place, says Christian Leuenberger, project manager at the Credit Suisse Group, a fina......
[more] Spam poses as CNN story about Israel-Hamas conflict Cybercriminals are leveraging the Israel-Hamas conflict in Gaza to dupe users into visiting malware-laden websites through spam claiming to be from CNN. Upon visiting one of the scam websites, users are directed to update Adobe Flash Player to view a video about the two-week-old war – but the download is actually a trojan “SSL stealer” that seeks to capture financial and personal information, according to a blog post by the RSA FraudAction Rese......
[more] Microsoft to embed RSA data cop in Windows Microsoft is adopting technology from EMC's RSA security division for Windows to police data and prevent loss and theft of information. The companies announced Thursday Microsoft will license RSA's data loss prevention (DLP) engine for future versions of Exchange Server, SharePoint Server, and "similar" products. Microsoft would not be drawn on whether the DLP engine will be built into Office or the forthcoming Windows 7. Office would be logical move g......
[more] Finjan offers free malware detection audit to halt Crimeware Trojan Finjan has announced it is offering qualified organisations a free malware detection audit to halt Crimeware Trojan’s and other malware attacks on enterprises. Finjan's free trial offer comes after security vendor RSA has estimated the Sinowal Trojan has taken the details of 270,000 online bank accounts and 240,000 payment cards from financial institutions in a number of countries, including the US, UK, Australia and Poland. &q......
[more] Stark warning over cyber attacks on UK businesses Sustained cyber espionage attacks are being waged on companies that play a key role in the UK national infrastructure, a UK cyber defence chief has warned. The computer systems of critical businesses in the UK, such as power companies and large financial institutions, are being repeatedly probed to steal information or uncover weaknesses that could take them down. That was the warning from Mark Oram, head of the threat and infosec knowledge depa......
[more] Privacy tsar: 277 data breaches since November The information commissioner has criticised the mishandling of personal data by the private and public sectors, in the light of hundreds of data breaches reported to his office over the past year. In a speech to the RSA Conference Europe 2008 on Wednesday, Richard Thomas said that 277 data breaches had been reported since last November. Thirty serious incidents, in both the public and private sectors, are still under investigation. &q......
[more] Javascript to be next core malware language Web 2.0 has placed a demand on browsers to become more interactive and act as a portal rather than a viewing platform is opening up new vulnerabilities, Itzik Kotler, team leader of the Security Operation Center at IT security firm Radware, has warned. As well as developing new signatures and analytics tools for Radware scanning software, Kotler also works on finding new classes of vulnerabilities before they appear in the wild.One such security hole......
[more] Latest tactics for fighting e-crime could backfire Sting operations by law enforcement agencies could force online criminals to forge closer links with each other offline, and become even more difficult to track down and arrest, according to a leading e-crime expert at Lloyds TSB. Speaking at the annual RSA Conference Europe event in London today, Mark Stanhope, senior manager of e-crime at the bank, warned that operations such as Dark Market, in which the FBI infiltrated the eponymous internet......
[more] Brazil is "cesspool of fraud" says RSA guru In a talk at the RSA Conference Uri Rivner, head of new technologies for RSA Consumer Solutions revealed some startling new findings about the changing behaviour of the criminal gangs now controlling online crime. Contrary to the popular view that Russian hackers led the world he revealed that it was Brazil where the latest malware, Trojans and tactics were being developed.“Brazil is now a cesspool of fraud. The three main languages being used o......
[more] Botnet experts meet as threat grows for corporations Even though the notorious Storm Worm may have permanently retreated, as recent reports indicate, the threat that botnets pose to businesses arguably has never been higher. Enterprises risk major financial loss due to sophisticated networks of compromised computers barreling through their network with the goal of stealing confidential data, said Jose Nazario, manager of security research at Arbor Networks. "They're finding out they have m......
[more] Insiders dodge security for productivity, RSA says In its latest survey of information-technology workers, security firm RSA found that more than half found ways to work around corporate security policies to get their work done, the company said in a report released this week. The survey, dubbed The 2008 Insider Threat Survey, found that 53 percent of the 417 people surveyed at three conferences have felt that IT security policies are too restrictive. Nearly all of the respondents (94 percent)......
[more] Police 'find' author of notorious virus The infamous Gpcode 'ransomware' virus that hit computers in July was the work of a single person who is known to the authorities, a source close to the hunt for the attacker has told Techworld. The individual is believed to be a Russian national, and has been in contact with at least one anti-malware company, Kaspersky Lab, in an attempt to sell a tool that could be used to decrypt victims' files. Initially sceptical, the company was able to verify tha......
[more] Private data at risk from new Trojan A Trojan, highly popular with fraudsters, can add data entry fields to legitimate online banking sites and entice consumers to give up sensitive information such as bank card numbers and PINs. The Limbo malware integrates itself into a web browser using a technique called HTML injection, said Uri Rivner, head of new technologies at RSA Consumer Solutions, a division of EMC. Because it's so closely integrated in the browser, it can operate even while the user......
[more] UK's lax wireless security threatens TJX-style hack UK shoppers' credit-card details could be at risk from the same wireless hack technique that snared more than 40 million people's details in the US, according to security experts. Security at hundreds of medium-sized retailers is not fully checked to ensure financial details cannot be accessed through insecure wireless networks, the experts claimed. The claim comes in the wake of US authorities charging 11 people in connection with the country......
[more] Austrian official fuels Skype backdoor rumours Off the cuff remarks by Austrian government officials suggest that Skype conversations might be intercepted. Speaking at a recent meeting on lawful interception between ISPs and Austrian regulators, an unnamed "high-ranking" official at Austria's interior ministry said that listening into a conversation over Skype presented no particular problems, Heise security reports. The opinion contrasts with the view of Joerg Ziercke, president of Germany's Fe......
[more] Does cyber-terrorism exist? Dubbed by organisers as ‘the largest ministerial-level gathering ever organised about cyber-terrorism’, the World Cyber Security Summit (WCSS), was recenlty held in Malaysia. Hosted by the International Multilateral Partnership Against Cyber-Terrorism (IMPACT), government representatives from all over the globe including Australia joined private sector and prominent security experts. The summit was chaired by Malaysian Prime Minister Dato’ Seri Abdullah Ahmad Ba......
[more] Security militia sought to brutalize ransomware virus After discovering a new and improved virus that encrypts important files on infected machines, researchers from Kaspersky are calling on fellow security professionals to lend a hand in cracking the massive key needed to liberate the ensnared data. The call to arms posted Friday comes two days after the antivirus provider detected a new variant of a malicious file-encryptor dubbed Gpcode. It surreptitiously encrypts a variety of files, includ......
[more] Six burning questions about network security Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care. Is server virtualization worth the risk? The benefits of moving away from traditional servers to virtual-machine (VM) arrangements are the cost savings in hardware consolidation and remarkable flexibility. But less-welcome consequences can be security gaps and virtual-server spraw......
[more] Researcher: Debian cryptography may be flawed A security researcher has warned that cryptographic keys generated in the last year and a half using Debian OpenSSL may be invalid. HD Moore, director of research for network-security company BreakingPoint Systems, posted details of the compromise on Metasploit.com on Wednesday.According to Moore, a bug in a Debian OpenSSL package was created in 2006 by the removal of a piece of code, which was taken out to stop the Valgrind and Purify security tool......
[more] Voltage offers public key encryption without certificates Voltage Security has an encryption scheme that it says avoids the need for cumbersome databases of public keys and certificates, by making public keys as needed, from users' identities. The company also has an email security service which it thinks will have another unexpected result - persuading users to adopt extra security on top of their companies' policies. Voltage's identity-based encryption architecture has been proposed as an IET......
[more] Obama site hacked, redirects clicks to Clinton's site A cross-site scripting vulnerability in the social networking section of Sen. Barack Obama's campaign site was exploited over the weekend to redirect users to the URL of rival Sen. Hillary Clinton (D-N.Y.), researchers claimed today. According to the U.K.-based antifraud company Netcraft Ltd., someone identified only as "Mox" confessed to the hack in an entry on the Community Blogs section on the Obama site Sunday. Obama, an Illino......
[more] Advice for securing your site and your reputation Is your company's Web site hacked? Today, it can be hard to tell. Online crooks who successfully break into a site often sneak in small bits of code that leave no visible trace but can attack visitors who simply view the page. In fact, according to a Websense Security Labs report, online thugs who want to spread their viruses, Trojans and other malware are more likely to hack an existing site than to put up their own poisoned page......
[more] PayPal steps up fight against phishing PayPal is stepping up its battle against phishing with new technology and by collaborating with others in the industry. Speaking at the RSA security conference in San Francisco last week, Michael Barrett, PayPal's chief information security officer, outlined the company's strategy for dealing with the phishing problem. As one of largest secure online payment providers, Barrett said PayPal needs to step up efforts to stamp out the phishing problem - not jus......
[more] Vista security is annoying by design If you're running Windows Vista, you're familiar with UAC (User Access Control). It's the security subsystem that pops up those irritating dialog boxes asking whether you really want to install software, modify system files, or write to the Registry. UAC may be Vista's most-hated feature, but as it turns out, it may also be its best-designed. As reported by Ars Technica, UAC was created with a very specific purpose in mind: to annoy you. Ars picked up this t......
[more] Google gives glimpse into security strategy Google has outlined some of the methods it employs to keep its IT security tight. Google director of product management Scott Petry — founder of Postini, which is now owned by the search giant — gave the low-down on the web giant's approach to security at the RSA Conference in San Francisco this week. Petry said: "Google is possibly the number-one target on the internet today. We get an enormous amount of activity against our systems."He add......
[more] Businesses face new breed of security threats Pass the hash" and "metasploit" are two of a breed of emerging security threats facing corporate IT departments. The key security threats facing businesses range from mutations of established phenomena — such as malware or phishing — to less well-known ones, such as metasploit releases and pass-the-hash attacks. The most dangerous new security threats were revealed by experts at the RSA security conference in San Francisco this week.Ed Skoudis, a ha......
[more] RSA: Shutting down power grid is no problem for hackers Gaining access to IT systems and shutting down the electricity grid is simple, a security expert told the RSA security conference in Las Vegas. He told delegates he had done so in less than a day. Ira Winkler, a penetration-testing consultant, says he and a team of other experts took a day to set up attack tools they needed then launched their attack, which paired social engineering with corrupting browsers on a power company's desktops. B......
[more] Cyber risk 'equals 9/11 impact' The US homeland security chief has made a heartfelt plea to Silicon Valley workers to stand up and be counted in the fight to secure the cyber highway. Michael Chertoff invoked the attacks of 9/11 as he sought to galvanise IT professionals and security experts. He told the world's biggest IT security conference that serious threats to cyberspace are on "a par this country tragically experienced on 9/11". Such attacks can hit financial bodies and a gover......
[more] RSA calls for specialist UK cybercrime unit A former US intelligence technology specialist has warned of the need for a dedicated cybercrime taskforce in the UK. Bret Hartman, chief technology officer at security company RSA and former IT specialist with the National Security Agency, described the battle between authorities and online fraudsters, terrorists and other cybercriminals as an "arms race". Hartman told ZDNet.co.uk sister site silicon.com that law enforcement has to "stay one ste......
[more] German police Skype-hacking leaked German police have hired a company to create Trojans capable of capturing traffic from Skype and SSL, leaked documents appear to show. The two scanned documents , which appear on the Wikileaks website in their German form, are difficult to verify, but one appears to describe how a security company, Digitask, was asked to create a "Skype Capture Unit" based around Trojans planted on targeted PCs covertly transferring data to a remote server. "As......
[more] Payments firm rolls out analytics tool for PCI security compliance Bill payment and collections specialist allpay.net has deployed a real-time analytics tool to fulful its compliance obligations under the Payment Card Industry Data Security Standard (PCI DSS) for storing and accessing customers’ credit card data. It is working with network security specialist IDsec to deploy the enVision tool from RSA to enable it to automatically monitor employees' access to network resources and cardholder......
[more] UK cements reputation as phishing hotspot The UK is now established as the second biggest target area for phishing attacks on banks, figures from security firm RSA show. An analysis of reports to RSA's Anti-Fraud Command Centre for October show that UK financial institutions make up a 16% share of those attacked worldwide, second only to the US, which has a 60% share. The UK has held second place for nine months running. But the UK is not a major host of phishing attacks, with just 3% of attack......
[more] RSA 2007: Spyware cashes in quietly Spyware is the most rapidly evolving threat on the threat landscape at the moment, and it will continue this way into 2008, said Gerhard Eschelbeck, chief technology officer of Webroot Software, at RSA Europe in London on 23 October. Spyware is software that covertly gathers information through a user's internet connection without their knowledge for malicious purposes. "It is financially motivated and it takes advantage of human nature," said Esche......
[more] US phishermen trawl UK waters The biggest source of attempts to steal personal bank details via email originates in the US, according to stats from UK anti-spam firm ClearMyMail.ClearMyMail has compiled a rogues gallery of the top 10 countries guilty of trying to steal domestic bank account information. According to ClearMyMail, more than half of all phishing attacks originate in the US.US (54%) Spain (3.8%) Germany (2.9%) Korea (2.8%) France (2.7%) China (2.7%) Russia (2.5%) Japan (2.2%0 Urugu......
[more] City ignoring Wi-Fi risks London firms are still using insecure wireless encryption Revelations earlier this year that poor wireless security contributed to the theft of 45 million credit card numbers at US retailer TJ Maxx increased calls for firms to abandon Wired Equivalent Privacy (WEP), the protocol found to be at fault. But a recent survey of London's wireless infrastructure by RSA suggests WEP use remains widespread, and this is despite a new payment card industry (PCI) standard requiring......
[more] Details emerge of Microsoft website hack Details have emerged of an attack which defaced Microsoft's UK website. Hackers broke through the site's security, defacing it and replacing genuine content with a photo of a child waving a Saudi Arabian flag.It is likely that Microsoft.co.uk, which was breached on Wednesday, was subverted using SQL injection, according to security site Zone-H, which has also run a picture of the defacement. "Most probably, the attacker explo......
[more] UK sets the pace when it comes to cyber crime Identity theft, phishing and Trojan attacks are on the rise, and virtual worlds are being targeted by fraudsters, said a global online security firm. UK is a popular target because it was the pioneer for fast online payments, and consumers are used to easy and instant payment transfers, said Uriel Maimon, senior research scientist, RSA consumer solutions. Financial firms continue to face new and emerging threats, and are challenges to increase confi......
[more] More Wireless, Not Enough Security Since 2002, RSA, the security division of EMC (Quote), has been doing regular surveys of wireless networks found in big cities - essentially, wardriving the same streets, time after time, using everything from cars to buses to horse-drawn carriages - to see what changes. For 2007, they found that while deployment of Wi-Fi was up, so was security - but security is not keeping up with the deployment. "We drive the same route in New York, London and Paris,&q......
[more] US brands milked for phishing emails Household US brands are still routinely used in phishing attacks to draw in unsuspecting users, according to a security firm.RSA's Monthly Online Fraud Report found that the share of US brands made up 73 per cent of all entities being phished in April. "As in February and March, UK institutions remained in the number two spot, with 10 per cent of the phished entities," the RSA report said.However, the number of institutions coming under attack......
[more] Vernier Networks Supports Microsoft Network Access Protection Enforcement in EdgeWall NAC Appliances Vernier Networks, the leading supplier of award-winning network access control (NAC) appliances, today announced support for Microsoft Network Access Protection (NAP) in Vernier's EdgeWall 7000 and 8000 series appliances. Enhancements to Vernier's EdgeWall NAC solutions enable customers using Microsoft Network Policy Server to ensure system health and enforce validated network access policies wi......
[more] McAfee ushers in new CEO After watching its boardroom partially emptied by a stock options backdating scandal, McAfee reloads with a new CEO: former EMC and Documentum executive David DeWalt McAfee introduced its newest chief executive on Feb. 5 in its latest step to rebuild the firm's leadership ranks after a 2006 stock options backdating probe that led to the departure of several top officials. The security applications vendor named David DeWalt, 42, a former executive wit......
[more] 3eTI Receives Common Criteria Certificates at RSA(R) Conference EFJ, Inc. announced today that its 3e Technologies International (3eTI) subsidiary has received two Common Criteria certificates at the wireless industry's RSA Common Criteria award ceremony. These awards recognize 3eTI's achievement in receiving National Information Assurance Partnership (NIAP) Evaluation Assurance Level 2+ Common Criteria Validation for the 3eTI wireless LAN access point and client software. The 3eTI AirGuard 3e-......
[more] PayPal to deploy tokens to fight phishing attacks PayPal will offer a public beta in the Unites States next week for a new security token designed to combat phishing attacks on its customers, a company executive told SCMagazine.com on Thursday. The online payment company has been working with VeriSign for some time to develop the PayPal Security Key as an option for its 133 million customers, said PayPal CISO Michael Barrett at RSA Conference 2007. PayPal plans to offer the device for free to al......
[more] Microsoft takes security teams global Microsoft has announced plans to open new security research centres in Europe and Asia, the first time such teams have been located outside the US. The company plans to use the centres to monitor emerging security threats round the clock regardless of time zone limitations, and to bolster parts of its emerging security threat business such as the much criticised Windows Live OneCare. "We will develop sites to cover the Americas, EMEA and Asia, for us t......
[more] Vernier Networks Supports Microsoft Network Access Protection Enforcement in EdgeWall NAC Appliances Vernier Networks, the leading supplier of award-winning network access control (NAC) appliances, today announced support for Microsoft Network Access Protection (NAP) in Vernier's EdgeWall 7000 and 8000 series appliances. Enhancements to Vernier's EdgeWall NAC solutions enable customers using Microsoft Network Policy Server to ensure system health and enforce validated network access policies wi......
[more] SanDisk to make USB security push Flash memory maker SanDisk next week plans to announce a product designed to help businesses manage and control the use of USB drives. The Milpitas, Calif., company has scheduled the announcement for the RSA Conference in San Francisco, the annual bonanza of security products for businesses. "SanDisk will unveil a comprehensive solution for the enterprise security market, providing protection and control for USB flash drives," the company said in a st......
[more] Microsoft to push new anti-phishing technology New certification process is designed to make it harder for phishers to spoof Web sites Microsoft and industry partners are pushing ahead with plans to make the Web a little safer with a new technology to combat phishing. At next month's RSA Conference in San Francisco, the software giant plans to announce that a number of Web sites have gone through a new certification process designed to make it harder for phishers to spoof them. The process gives......
[more] DIY phishing kit offered for sale A software kit has been discovered for sale on the Internet that makes it possible for non-experts to set up and carry out sophisticated phishing attacks on large numbers of websites. EMC's RSA division reports that its Anti-Fraud Detection Center (AFCC) found the ‘universal man-in-the-middle phishing kit' being offered in a free demonstration version on a criminal forum monitored by the company. The kit - said to have a user-friendly interface designed t......
[more] New PayPal key to help thwart phishers Over the next few months, Ebay will be offering its PayPal users a new tool in the fight against phishers: a $5 security key.The security key is actually a small electronic device, designed to clip on to a keychain, that calculates a new numeric password every 30 seconds. PayPal users who sign up to use the device will need to enter their regular passwords as well as the number displayed on the key whenever they log in to the online payment servi......
[more] Mozilla urges upgrades for product flaws Mozilla is reporting three vulnerabilities affecting its products - the most severe being a JavaScript flaw that could allow for the remote execution of code - US-CERT (the U.S. Computer Emergency Readiness Team) said today in an alert. The bugs are corrected in Firefox 1.5.0.8, Thunderbird 1.5.0.8 and SeaMonkey 1.0.6, but browser users are encouraged to upgrade to Firefox 2.0.The riskiest vulnerability - affecting Mozilla's web browser Firefox, email cli......
[more] Trai website tinkered, hacker still at large Regulator to lodge FIR against international hacker code-named Pablin 77 The website of the Telecom Regulatory Authority of India (Trai) has been hacked. A hacker (code-named - Pablin 77) broke through the administrative access to the regulator's server on Saturday and tinkered with some of the links of the website. FE alerted Trai about the hacking on Monday. The hacker is still at large and the telecom regulator plans to lodge a FIR.Defacing of Indi......
[more] Skype teams up with McAfee Skype certifies McAfee Internet security suite 2006 Internet communications company Skype has certified McAfee's suite of anti-virus software.McAfee Internet Security Suite 2006, McAfee VirusScan 2006 and McAfee Personal Firewall 2006 have all met Skype's standards for security, quality and usability.The security collaboration will mean files sent using the Skype file transfer function will be easily scanned by McAfee products adding an extra layer of protection t......
[more] FBI calls for hacker help The FBI needs help from hackers to fight cybercrime, an agency official said Wednesday. "We need your expertise and input as we develop strategies to battle cybercrime in the 21st century," Daniel Larkin, a unit chief in the FBI's cybercrime division, said in his opening address at the annual Black Hat security conference here. As cybercrime has continued to become more sophisticated and organized, federal agencies have increasingly sought to partner with the......
[more] Ransomware getting harder to decrypt Ransomware is becoming more complex and anti-virus companies are worried they may not be able to decrypt ransomed files, according to a new report. The report, Malware Evolution: April - June 2006, Hidden Wars by anti-virus company Kaspersky Labs, warned that ransomware authors are creating more sophisticated encryption algorithms in a bid to out-fox security companies and blackmail users and companies.Ransomware involves the use of malicious code to hijack u......
[more] Warnings of new blackmail virus Security experts warned of a new variation of a virus that encrypts files and then blackmails the user into parting with money in return for a password. The variant, classified as Win32.GpCode.ae., is currently spreading across the Russia. Once downloaded, the virus encrypts data on the victim's PC and is only decrypted by the virus writer once demands for money are met.This virus differs from earlier variants in that it encrypts the user's data using RSA 260-bit,......
[more] Rogue hotspots offer rich pickings for hackers Criminals are setting up temporary wireless access points designed to look like the genuine article in order to capture confidential information, according to security firm RSA. The company warned that rogue hotspots could provide the latest platform for identity theft, and cited a test system built by Capgemini UK as a proof-of-concept."Rogue hotspots currently constitute one of the most serious and most likely vehicles for wireless sec......
[more] Firefox to get phishing shield An upcoming version of Firefox will include protection against phishing scams, using technology that might come from Google. The phishing shield is a key new security feature planned for Firefox 2, slated for release in the third quarter of this year, Mozilla's Mike Shaver said in an interview Tuesday. "Everybody understands that phishing is a significant problem on the Web," said Shaver, a technology strategist at the company, which oversees Firefox dev......
[more] ForeScout selected as finalist by SC Magazine's 2006 Reader Trust Awards ForeScout Technologies, the leading provider of clientless Network Access Control (NAC) and policy enforcement solutions, today announced that CounterAct™, its network access control appliance, has been selected by SC Magazine as a finalist in the category of Best Endpoint Security Solution for 2006.
The 2006 SC Awards are granted through an extensive judging process where expert judges select notable companies in each o......
[more] Multiple passwords creating insecurity Users are being burdened with too many passwords, and their confusion could undermine IT security, research shows.
A survey by RSA Security shows many enterprise IT users have at least 13 passwords to remember, the result of having to access a growing variety of systems.
The survey of 1,700 ordinary IT users claims that nine out of 10 have grown frustrated with this situation and are getting around it with poor password practice that diminishes IT securi......
[more] Workers frustrated with password policies A survey of 1,685 US businesses has shown that nearly a quarter of workers have to remember 15 or more passwords.
The researchers claim that this is costing money because of the level of support calls and the length of time it takes to get passwords reset.
Nearly one in five of those questioned had to wait an hour or more before regaining access to their systems.
Many users are writing down their passwords to deal with the problem, which can lead to......
[more] Wireless hijacking under scrutiny A recent court case, which saw a West London man fined £500 and sentenced to 12 months' conditional discharge for hijacking a wireless broadband connection, has repercussions for almost every user of wi-fi networks. It is believed to be the first case of its kind in the UK, but with an estimated one million wi-fi users around the country, it is unlikely to be the last.
"There are a lot of implications and this could open the floodgates to many more such cases,......
[more] Hacking scandal blamed on broken rules Early investigations into the exposure of 40 million credit card details have found that some records were kept too long or unencrypted More details emerged Monday on the cybersecurity breach at a payment processing company that exposed more than 40 million credit-card accounts to fraud.
The data security breach, possibly the largest to date, happened because intruders were able to exploit software security vulnerabilities to install a rogue program on the......
[more] Trio of security holes kick sysadmins in teeth RSA, Ethereal and Smail all need patching. Serious security vulnerabilities have been disclosed in three networking tools found in many enterprises: the RSA Authentication Agent for Web for Internet Information Services; ethereal, a network protocol analyser; and smail, a Mail Transfer Agent.
All three vulnerabilities could allow remote attackers to execute malicious code, according to security researchers, and patches have been released for all t......
[more] Failing UK cyber defences need overhaul The UK's National Infrastructure Security Co-ordination Centre (NISCC) needs more powers to enforce security best practices in order to safeguard the nation's critical systems against cyber-attack, according to a former chairman of the Metropolitan Police Authority.
Lord Toby Harris of Haringey called for the appointment of a government cyber security czar and legislation to change the role of the NISCC from providing information security advice to setti......
[more] AirMagnet Supports RSA's Security's Wireless Survey in San Francisco's Bustling Financial District RSA Security Arms Itself with AirMagnet to Demonstrate Critical Wireless Security Breaches on Local Television AirMagnet, the leader in wireless LAN (WLAN) security and performance solutions, today announced that its security monitoring tools will be used by RSA Security, an AirMagnet customer, to illustrate vulnerabilities in wireless networks in San Francisco's financial district. RSA Security re......
[more] Gates maps out future for Microsoft anti-virus Microsoft boss Bill Gates pledged further action to help users and firms improve security when he opened the RSA conference in San Francisco late February. "The email vector continues to be the primary means of virus spread," he said. "We need to improve the [virus-] scanning capabilities. Having a single engine to do that scan is not sufficient."
On the spyware front, Microsoft plans to bundle free anti-spyware capability with Windows.
Gates sai......
[more] Wireless security still lax Report finds 36 per cent of the City's wireless networks left open to attack More than a third of businesses using wireless networks in the City of London are overlooking basic security, leaving themselves exposed to drive-by hackers.
The fourth annual Wireless Security Survey of London shows the number of wireless local area networks (WLans) increased by 62 per cent in 2004, with access points rising from 1,078 to 1,751.
But the research, conducted by security spec......
[more] Possible Domain Poisoning Underway Security experts late Friday warned that a DNS cache poisoning attack may be underway and redirecting users from some of the most popular Web sites to a malicious URL where spyware and adware is invisibly installed onto their computers. According to the Internet Storm Center, which posted an alert on its Web site, it had received reports that the attack was redirecting traffic from popular domains such as google.com, ebay.com, and weather.com.
DNS cache pois......
[more] Policing the Virus Writers: Good News? More suspects are being caught, but that doesn't mean you can expect to see fewer viruses. A recent spate of high-profile arrests of malware writers is no cause for comfort, say computer crime experts.
While law enforcement authorities have recently arrested numerous virus writers and hackers, these arrests--and the stiff prison sentences that may follow--are likely to discourage only the most casual malware writers, say experts, and will probably have mi......
[more] Internet Explorer 7 not just for Windows XP Despite previous indications, the upcoming Internet Explorer 7 (IE7) will be available for Windows XP Professional x64 Edition and Windows Server 2003 SP1, as well as Windows XP SP2.
When Microsoft chairman Bill Gates unveiled the project two weeks ago at the RSA Conference in San Francisco, he stated that the software would become available for Windows XP only.
The improved version focuses on security enhancements, but Microsoft has given few detai......
[more] MS and security: good effort but no cigar Last week I watched the webcast of Bill Gates speaking at the RSA conference in San Francisco. He talked about Microsoft's plans to build upon the progress it's already made in security. These plans included better protection against spyware and spam. Gates also announced Microsoft's intention to release Internet Explorer 7, complete with a number of security improvements, by the end of this year.
Looking back, the company has indeed made notable progr......
[more] Many Wireless Security Breaches Reported At Security Conference There were 32 "Evil Twin" attacks and many other types of security breaches aimed at Wi-Fi users of the recently-concluded RSA security conference, wireless security vendor AirDefense claimed Thursday.
In an Evil Twin attack, hackers set up bogus access points and try to get nearby wireless users to log on either. Then, they can steal information that the user transmits The use of this method of attack marks a significant shift......
[more] DHS cybersecurity official: We're making progress The Department of Homeland Security is making "lots of progress" in boosting the nation's cybersecurity but private industry must help, a DHS official said Friday at the RSA Conference. "We're doing what we can but cybersecurity is not just government's responsibility. We all have to work together," said Hun Kim, deputy director at the National Cyber Security Division in DHS.
Speaking at a session entitled "Preventing a Cyberwinter," Kim said h......
[more] Microsoft Warns of New Security Threat System monitoring programs, called rootkits, may pose a serious danger to your PC. Microsoft security researchers are warning about a new generation of powerful system monitoring programs, or "rootkits," that are almost impossible to detect using current security products and that could pose a serious risk to corporations and individuals.
The researchers discussed the growing threat posed by kernel root kits at a session at the RSA Security Conference in S......
[more] IT security industry faces a tough 2005 Days of wine and roses over as corporates streamline security budgets This year will mark a period of reckoning for the IT security industry as spending begins to decline, Gartner has predicted.
Victor Wheatman, managing vice president at the analyst firm, told the RSA Conference in San Francisco that by 2006 security spending will have dropped to four or five per cent of corporate IT budgets. In more efficient companies it could drop lower with no harm t......
[more] Long fuse for Microsoft's security challenge As security companies brushed off any immediate threat from Microsoft's plan to give away anti-spyware tools, analysts noted that the software giant could yet become a force in the security market. On Wednesday, security business leaders responded to Microsoft's announcement of its plan at RSA Conference 2005 by challenging the company's ability to offer technology that rivals existing tools. In that, they echoed Symantec CEO John Thompson, who said......
[more] Passwords? We don't need no stinking passwords Concerns over online security are continuing to slow consumer e-commerce growth. A quarter of the respondents in a recent survey have reduced their online purchases in the past year and 21 per cent refuse to conduct business with their financial institutions online because of security fears. More than half (53 per cent) of the 1,000 consumers quizzed believe that basic passwords fail to provide sufficient protection for sensitive personal informati......
[more] Microsoft Pulls Trigger Early on IE7 Microsoft could not have known that cyber vandalism would grow out of control. Still, many security professionals do not consider version 6 of Explorer to be very robust. It is that sentiment that has given Firefox an extra push into the marketplace and one reason Microsoft has to launch Explorer 7 early. Microsoft Chairman Bill Gates said his company would bring its latest edition of the Explorer browser to market earlier than planned. Explorer got a black e......
[more] Security show tackles online threats The security industry, which is in the business of paranoia, will be looking over its shoulders more frequently at the annual RSA Security Conference this week. With phishing attacks plaguing consumers, viruses showing no signs of abating, and regulations such as the Sarbanes-Oxley Act worrying clients, business has been brisk for security companies.
Yet the continuing rise of online threats underscores the lack of progress in solving corporate and consumer......
[more] IT security big guns converge on California 14th annual RSA security conference kicks off next week The IT security community is converging on San Francisco for the fourteenth annual RSA Conference, to be held next week.
Keynote speakers including Microsoft's Bill Gates, Cisco's John Chambers and other industry leaders will be laying out their plans and visions for IT security over the coming year.
It is widely expected that Gates will detail Microsoft's plans to market antivirus software for......
[more] How will Bill Gates' antivirus cliffhanger play out? Will he or won't he? The suspense over whether Bill Gates will take the wraps off a Microsoft antivirus product at RSA's security conference this month is building to a crescendo.
All right, so it's mostly the media that are getting lathered up about this, but there are others with a keen interest in what Microsoft's co-founder has up his signature-sweater sleeve. Despite their practiced nonchalance about a giant entering their turf, AV ven......
[more] Microsoft to become security outfit by next month An analyst at corporate crystal ball gazers, JP Morgan, is predicting that the Mighty Microsoft will penetrate the anti-virus market by February 15th.
Adam Holt says that he sees Supreme Vole Bill Gates standing before a large group of people showing them his latest big offering.
It looks like it might be the RSA Security conference in San Francisco on February 15, where Gates is down as the guest speaker.
Hold didn't say if he saw people app......
[more] CyberGuard Boasts Two Product Lines In SC Magazine Global Awards Finals CyberGuard Corporation, a provider of proven, intelligent, security solutions that protect business-critical assets at Global 2,000 organizations and government entities worldwide, announced today that its line of premium firewall/VPN appliances and Webwasher Content Security Management (CSM) Suite 5.1 have been named finalists in the 2005 SC Magazine Global Awards in the "Best Firewall" and "Best Content Filtering" categor......
[more] Term 'cyber-terrorism' damaging security investment, says ex-White House advisor Overuse of the term 'cyber-terrorism' is confusing board directors and preventing much needed investment in IT security, says former White House security advisor Richard Clarke.
By describing denial of service attacks, hacking and defacement of corporate web sites as cyber-terrorism, IT directors are negatively affecting the amount of investment companies makes in IT by failing to properly communicate the real ris......
[more] Security concerns still plague wireless take-up Wireless has many benefits, provided companies minimise the risks and rein in ad hoc networks 'Be afraid, be very afraid' is the attitude of many companies when faced with the prospect of using a wireless network.
Because wireless is about broadcasting data that often goes beyond company perimeters, businesses worry that it won't be secure enough. And who can blame them, with a regular stream of surveys highlighting gaping security holes?
Secur......
[more] Wireless security must improve in Europe Around 34% of businesses in London, Paris, Frankfurt and Milan are still leaving their wireless networks open to attack, according to the latest survey commissioned by RSA Security. Many install the networks without changing risky default settings.
The survey also recorded explosive growth in the number of wireless networks across the four financial centres, with the number in London rising 770% since 2001.
Wireless networks – also known as Wi-Fi......
[more] Secure E-Mail Specs Could Merge Microsoft meets with SPF author to craft a technology standard. After submitting its Caller ID e-mail authentication specification to a standards body, Microsoft is discussing merging its spec with another, called Sender Policy Framework, or SPF.
E-mail experts from Microsoft will spend a weekend meeting with SPF author Meng Weng Wong of Pobox.com, looking for ways to merge the closely-related Caller ID and SPF standards, according to Wong.
"Basically, we'......
[more] Bill Gates 'can't stop spam' More than 80 percent of security professionals do not believe that Bill Gates' crusade against spam will solve the problem, according to a survey A survey of IT security professionals conducted at the Infosecurity show in London this week revealed that more than 80 percent of people do not think that Bill Gates' pledge to eliminate spam within two years is realistic.
In June 2003, the Microsoft chairman called for cooperation between government and corporations to......
[more] Passwords revealed by sweet deal More than 70% of people would reveal their computer password in exchange for a bar of chocolate, a survey has found. It also showed that 34% of respondents volunteered their password when asked without even needing to be bribed.
A second survey found that 79% of people unwittingly gave away information that could be used to steal their identity when questioned.
Security firms predict that the lax security practices will fuel a British boom in online ident......
[more] Security budgets soared in 2003 The combined revenues of 22 of the largest publicly listed pure-play IT security vendors grew 14 per cent last year The heavy hitters of the security market posted combined revenues of $5.33bn last year compared to $4.67bn in 2002, according to a study by analysts Datamonitor published today.
"A steady rise in security revenues in 2003 indicates that corporate budgets are becoming less constrained and that security remains top of CIOs' agenda. This indicates st......
[more] Gates e-mails security brain dump to customers Microsoft Corp. Chairman and Chief Software Architect Bill Gates reached out to his company\'s customers on Wednesday in an e-mail that detailed the company\'s work to secure its software products. In the message, Gates called computer security \"as big and important a challenge as any our industry has ever tackled,\" and said Microsoft is making \"significant progress on the security front.\"
The mammoth, 3,500 word e-mail was sent to custom......
[more] Cyber security liability seen increasing Hackers, viruses and other online threats do not only create headaches for Internet users, they could also create prison sentences for corporate executives, experts say.
Though business groups have lobbied successfully against laws focused on cyber security, companies that do not make efforts to secure their networks could face civil and criminal penalties under an array of existing laws and court decisions, according to security and legal experts.......
[more] Microsoft to announce legal, technical antispam plans Company will announce lawsuits against spammers under the U.S. Can-Spam Act Microsoft Corp., along with other Internet industry players, is due to announce Wednesday lawsuits against spammers under the U.S.' so-called Can-Spam Act, and will detail a technical initiative aimed at stopping the onslaught of unsolicited e-mail, a company representative revealed.
The lawsuits announced under Can-Spam (Controlling the Assault of Non-Solicited P......
[more] Competing Technologies Shake Up E-Mail How will rival authentication schemes change the way we communicate online? Microsoft's recent announcement of a host of initiatives to stop unsolicited commercial e-mail, or spam, highlighted some tectonic shifts taking place in the once staid world of Internet messaging. The company's announcement was made at the RSA Conference, a leading annual meeting on electronic data security that was held in San Francisco late last month.
Caller ID
The company's......
[more] Passwords are passport to theft It seems incredible that although millions of people world-wide now routinely carry out significant financial and other transactions via the Internet, so little action is taken to prevent identity theft, writes Bloor Research analyst Tony Lock. A recent study conducted by Opinion Research Corporation and commissioned by RSA Security, investigated the attitudes, perceptions and security practices of consumers today and compared them with opinions they held one yea......
[more] Competing technologies could shake up e-mail Microsoft’s announcement at the RSA Conference last week of a host of initiatives to stop unsolicited commercial e-mail, or spam, highlighted some tectonic shifts taking place in the once staid world of Internet messaging. The company’s new e-mail authentication architecture, known as "Caller ID," is being met with cautious acceptance. However, Microsoft will probably not have the last word on secure e-mail, and a shake-out of antispam solutions backe......
[more] Through the security looking glass The annual RSA Conference, which just concluded in San Francisco, is the technology industry's premier security event. After covering a half-dozen RSA conferences in the 1990s (including several for CNET News.com), I returned this year for the first time since 1999. Talk about a time warp.
As cybersecurity has become an ever larger concern, the data security industry has mushroomed. But although the lingo has changed from the prespam days, you can divide th......
[more] The Net Has An 'Insecurity' Complex RSA's second annual assessment of online security leaves little doubt that corporations have a long way to go. "Frustration" can pretty much sum up the feeling of Internet users in 2003 as the IT sector scrambled to thwart a barrage of hacks, attacks and flaws that compromised networked computers around the globe.
According to online encryption firm RSA Security, the outlook for easing those frustrations in 2004 is not very encouraging.
As part of its......
[more] Row over how to junk spam Microsoft is proposing to stop spam by checking that messages are being sent by the person they claim to come from. The Caller-ID for e-mail idea is one of several proposals floated as a way to stem the rising tide of junk mail.
The internet's engineering body has set up an emergency meeting to sift through the different proposals and draw up a network-wide solution.
But some fear the competing proposals could cause confusion and spell the end of some widely-use......
[more] Is security getting any easier? Although governments and companies appear to be making significant headway on many security problems, don't expect headaches like spam to disappear anytime soon, according to security experts. Human error, combined with the increasing technical sophistication of malicious hackers, creates a situation in which security, ultimately, can never be perfect, security specialists on the cryptographer's panel at the RSA Conference here said Tuesday.
Invariably, indiv......
[more] Security experts bemoan poor patching Top security officers warned on Tuesday that patching software flaws is still far too difficult, with many companies left vulnerable because they are lagging behind on applying critical updates. Vulnerability assessment firm Qualys supported the statements, made during a panel discussion at the RSA Security Conference here, with data culled from monitoring its clients' networks. The data, collected over two years, shows that it takes a month to cut by half t......
[more] Wi-fi networks step up security The security of wireless networks used by businesses in London has improved significantly over the last 12 months, says a survey RSA Security found that 66% of the networks surveyed use the encryption system built-in to the wi-fi standard to help them prevent unauthorised access.
This is a big change since the last survey which found that only 37% had the security system turned on.
Despite this improvement, RSA said many firms were still making basic mista......
[more] City sees the benefits of wireless networks Survey shows more businesses are convinced but security is still lax The third annual Wireless Security Survey of London has highlighted a significant increase in the use of wireless networks by businesses.
In the two years since the survey was first undertaken, the number of wireless networks used in the City has increased from 124 in 2001, to 328 in 2002 and 1078 in 2003.
The benefits of the technology appear to have convinced companies, and th......
[more] CA Pushes New Physical And IT Security Interoperability Standard The company unveiled the Open Security Exchange, which seeks to promote vendor-neutral specs for integrating the management of security devices and policies. Computer Associates is spearheading an initiative to create a standard that will allow physical security devices, such as building access cards, to interoperate better with traditional IT security applications, such as provisioning and access management apps and smart cards us......
[more] Global Secure Systems supplies security tools (including RSA) to protect both the corporate gateway (particularly the Internet, or other external network connections), and the individual PC (including the roaming laptop user and the desktop attached to the corporate network).
© Global Secure Systems, All rights reserved.
Search results for RSA from the main GSS Website
