RSA Describes Breach Attack (and the Problem with APT)

Catching up after a long weekend spent (mostly) offline, and digesting RSA’s Friday disclosure regarding its recent breach. In the plus column for RSA: At least they made an effort to communicate some detail, albeit late, and at no small risk to their reputation no matter how their statement would be received. They were reasonably forthcoming [...]

By | April 4th, 2011|Security|0 Comments

RSA SecurID Breach Update: (Some) Additional Info Provided to Customers

A short while ago, RSA released an additional customer advisory (customer login required) regarding the breach of SecurID information disclosed last Thursday. In my updated initial take on the breach, I noted that: To date, RSA has disclosed no detail about exactly what was compromised or how, leaving customers with no actionable information regarding their [...]

By | March 22nd, 2011|Security|0 Comments

RSA Breach of SecurID Information: Initial Take

(Updated: Commentary on RSA's disclosure and SecurCare advisory of March 17) Yesterday, RSA Security disclosed that it had been the victim of a security breach that, according to Executive Chairman Art Coviello's open letter to customers, resulted in the exposure of information "specifically related to RSA's SecurID two-factor authentication products." Coviello's letter goes on to [...]

By | March 18th, 2011|Security|0 Comments
Load More Posts