RSA

Major security flaws threaten satellite communications
An analysis of satellite communication gear from more than a half-dozen major manufacturers has uncovered critical vulnerabilities that could be exploited to disrupt military operations and ship and aircraft communications.
Facebook users targeted by iBanking Android trojan app
Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.
Music piracy battle erupts in Russia as major labels sue large social network
Russia's vKontakte social network is stridently out of tune with copyright laws, according to three major record labels that are suing the company alleging it deliberately facilitates large-scale music piracy.
How Responsive Website Design Helps Boost Revenue
Carsales.com, Australia's top online automotive classified site, is helping its independent dealers make the switch to sites built with responsive design in mind. Revenue is up, the company says, in part because of increased traffic from mobile devices.
Chinese government still sponsoring cyber-espionage, says FireEye COO
A year ago, Mandiant, since acquired by FireEye, issued a long report called "APT1" that accused China's People's Liberation Army of launching cyber-espionage attacks against 141 companies in 20 industries through a group known as "PLA Unit 61398" operating mainly from Shanghai.
Is SDN your next security nightmare?
The big buzzword in networking these days is Software-Defined Networking (SDN), a de-coupling of the data plane and the control plane that allows you to manage physical devices via a software-based controller sitting on a general purpose server.
RSA Conference mobile app has vulnerabilities, researchers say
A mobile application designed to make it easier for RSA Conference 2014 attendees to navigate the event and interact with their peers exposes personal information, according to researchers from security firm IOActive.
Cisco: $300,000 prize for Internet of Things security apps
Cisco today kicked off a contest with $300,000 in prize money that challenges security experts around the world to put together ways to secure what's now called the "Internet of Things," the wide range of non-traditional computing devices used on the electric grid, in healthcare and many other...
RSAC 2014: Experts discuss the harsh realities of Incident Response
How well is incident response working for corporations affected by security incidents? A panel at RSA says there is still a lot of work to be done.
FBI expects to roll out malware-analysis system to help businesses identify attacks
The director of the Federal Bureau of Investigation (FBI) said this week his agency plans to introduce a malware-analysis system later this year that will let businesses and the public report newly identified malware attacks, upload malware samples and receive reports on them.
Cloud security concerns are overblown, experts say
Security concerns should not deter enterprises from using public cloud technologies when it makes business sense.
Security firm discloses Apple iOS 'malicious profile' vulnerability impact on MDM
At the RSA Conference today, security start-up Skycure plans to disclose a vulnerability in Apple iOS devices that can impact mobile-device management (MDM) systems running on them.
RSA security attack demo deep-fries Apple Mac components
How bad can cyberattacks get? How about burning the internal components of a machine, whether PC or Mac, to a crisp so there's no thought of it being recoverable? That's what security vendor CrowdStrike showed could be done to an Apple Mac OS X today at the RSA Conference.
Are Apple iOS, OS X flaws really backdoors for spies?
Two recently-discovered flaws in Apple iOS and Mac OS X have security experts openly asking whether the software vulnerabilities represent backdoors inserted for purposes of cyber-espionage. There's no clear answer so far, but it just shows that anxiety about state-sponsored surveillance is running...
Huge turnout at RSA shows hackers are winning
In the battle between enterprises and malicious hackers, the bad guys are clearly winning, judging by the sheer number of people and exhibitors at the RSA security conference going on here this week.
RSA chief: NSA exploited 'position of trust'; should spin-out security tech group
Did the National Security Agency trick RSA, the security division of EMC, into including a crypto algorithm that was really an NSA cyber-espionage backdoor into the RSA BSAFE toolkit in order to propagate it through tech industry products?
Video: Another cybersecurity gap: filling jobs
Security experts weigh in on the shortage of cybersecurity workers and what can be done to close the skills gap.
Mac users warned against using public Wi-Fi networks
Connecting to unsecured networks not advisable for Apple users until patch is released for vulnerability
Check Point unveils security architecture for threat-intelligence sharing
Check Point Software Technologies today said it is extending its security architecture to be able to incorporate more threat-intelligence data that could be shared with other vendor partners, with the goal of providing more adaptive prevention.
AT&T and IBM cement security partnership
AT&T and IBM, at the RSA Conference, announced they've sealed a partnership to provide security services for a wide range of enterprises in a way that blends technology and professional services both vendors have.
Cisco details Sourcefire security threat integration, open source direction
Having acquired the security firm Sourcefire last October, Cisco is using this week's RSA Conference as the showcase for how Cisco's security products are being integrated as well as detailing how it will cut an open-source path for the next-generation application-layer firewall/IPS.
Source code for Android iBanking bot surfaces on underground forum
The source code for an Android mobile banking Trojan app was released on an underground forum, making it possible for a larger number of cybercriminals to launch attacks using this kind of malware in the future.
What will be hot at RSA? NSA/tech industry battle; cyberwarfare issues dominate
It's almost a shame that former National Security Agency contractor Edward Snowden won't be at the upcoming RSA Conference since the disclosures he's leaked about the NSA's mass surveillance practices involving the U.S. high-tech industry are directly influencing a preponderance of conference...
Windows XP support cutoff poses data breach risk for retailers
Retailers will face an increased risk of data breaches after Microsoft ends support for Windows XP, a version of which powers the majority of modern cash registers, security vendor Symantec warned in a report published Monday.
Is Coin the One Payment Card to Rule Them All?
In an era when consumers' wallets are filled with credit cards, rewards cards, gift cards and other cards, Coin aims to be the universal payment option of choice. But can it stand out in a growing market of smartphone apps, digital wallets and NFC technology?
Supreme Court rejects SAP appeal of $391 million patent suit award
The U.S. Supreme Court rejected an appeal from SAP of a US$391 million judgment given to Versata Software in a patent lawsuit the latter filed, but SAP is vowing to fight onward.
Reddit, Mozilla, EFF to hold day of protest, activism in memory of Aaron Swartz
A broad coalition of well-known organizations announced today that it will stage an online protest against wide-ranging government surveillance of Internet users on Feb. 11, in memory of activist Aaron Swartz.
RSA boycott splits security industry on tactic's effectiveness
The handful of security experts boycotting the upcoming RSA Conference have split the industry between those who believe the protest is justified and others who see it as a knee-jerk reaction to reports of RSA collaboration with the U.S. National Security Agency.
The NSA blame game: Singling out RSA diverts attention from others
RSA may have earned much of the criticism being heaped upon it for allegedly enabling a backdoor in one of its encryption technologies under a contract with the National Security Agency. But singling out the company for reproach deflects attention from the role that other technology vendors may...
The security industry found its dream enemy in 2013 -- and new technical challenges too
2013 was the year we learned we must encrypt our data if we don't want the likes of the U.S. National Security Agency or the U.K. Government Communications Headquarters reading it as it crosses the Internet.
Security industry tainted in latest RSA revelations
Trust in the security industry has taken a blow with a recent report that RSA was paid by the U.S. National Security Agency to provide a way to crack its encryption.
Security researcher cancels talk at RSA conference in protest
Security researcher Mikko Hypponen has canceled his talk at an RSA security conference in San Francisco, reacting to a report that the security division of EMC allegedly received US$10 million from the U.S. National Security Agency to use a flawed random number generator in one of its products.
Report on NSA 'secret' payments to RSA fuels encryption controversy
The U.S. National Security Agency (NSA) paid US$10 million to vendor RSA in a "secret" deal to incorporate a deliberately flawed encryption algorithm into widely used security software, according to a Reuters report that is reigniting controversy about the government's involvement in...
New malware variant suggests cybercriminals targeting SAP users
A new variant of a Trojan program that targets online banking accounts also contains code to search if infected computers have SAP client applications installed, suggesting that attackers might target SAP systems in the future.
Fake social media ID duped security-aware IT guys
Security experts used fake Facebook and LinkedIn profiles pretending to represent a smart, attractive young woman to penetrate the defenses of a U.S. government agency with a high level of cybersecurity awareness, as part of an exercise that shows how effective social engineering attacks can be,...
Cops should be allowed to hack into computers, police officials say
Law enforcement agencies should be allowed to hack into computers to identify cybercriminals and collect evidence, representatives from Europol and the Dutch National Police argued in front of a room full of security professionals at the RSA Europe security conference in Amsterdam.
Open-source software projects need to improve vulnerability handling practices, researchers say
Many open-source software developers need to improve the way in which they handle vulnerability reports, according to researchers from security firm Rapid7, who recently found and reported vulnerabilities in seven popular open-source software applications.
Report: Broadcasters ask high court to shut down Aereo TV streaming service
A cadre of prominent broadcasters including ABC and CBS petitioned the U.S. Supreme Court on Friday to shut down Aereo, a television streaming service, alleging that Aereo infringes their copyrights and puts their businesses at risk, according to a Wall Street Journal report.
How to Close the Big Data Skills Gap by Training Your IT Staff
Research firms paint a dire picture of a massive big data skills gap that will get worse over time. But companies like Persado, which uses big data to help marketers optimize their messages, are finding success training their existing staff in the new big data technologies.
Silent Circle moves away from NIST cryptographic standards, cites uncertainty
The U.S. National Security Agency's reported efforts to weaken encryption standards have prompted an encrypted communications company to move away from cryptographic algorithms sanctioned by the U.S. National Institute of Standards and Technology (NIST).
Critics question FTC's authority to bring data security complaints
The U.S. Federal Trade Commission should back away from its claim of broad authority to seek sanctions against companies for data breaches when it has no clearly defined data security standards, critics of the agency said Thursday.
Joomla patches file manager vulnerability responsible for hijacked websites
Patch release addresses flaw linked to several compromises, as well as malware distribution and phishing campaigns, on other sites
Black Hat: Elliptic curve cryptography coming as smarter algorithms threaten RSA
Within five years the math for cracking encryption algorithms could become so efficient that it may render today’s commonly used RSA public key cryptography algorithm obsolete, Black Hat attendees were told.
EMC president's move to subsidiary RSA shows security a priority
RSA's cloud services require encryption, authentication and other security technologies for data protection and privacy
RSA president leaving to take cloud job at parent EMC
RSA President Tom Heiser is transferring from the security company to its parent company EMC to focus on cloud computing initiatives, according to an internal communication sent from the company today.
Why help desk employees are a social engineer's favorite target
A new report from the SANS Institute and RSA on help desk security and privacy finds help desk workers are the easiest victims for a determined social engineering criminal. Due to metrics and basic job requirements, end user and network support operations are still the top target when it comes to...
Software AG angles its messaging platform to speed delivery of big data
Nirvana Messaging, now called Universal Messaging, has been integrated with Software AG's Terracotta in-memory storage to handle large-scale enterprise messaging.
SAP wins key ruling in long-running patent battle with Versata
SAP has received a ruling that sets a legal landmark in patent law and could also prove favorable to its defense in a long-running intellectual-property dispute with Versata.
PCI Express-based fabrics: A low-cost alternative to InfiniBand
By building on the natural strengths of PCI Express (PCIe) -- it's everywhere, it's fast, it's low power, it's affordable -- and by adding some straightforward, standards-compliant extensions that address multi-host communication and I/O sharing capabilities, a universal interconnect now exists...
SAP loses bid to overturn $345 million patent judgment
An appeals court has rejected SAP's attempt to overturn a US$345 million judgment awarded to Versata Software, which had brought a patent-infringement case against the software maker.
The encryption quiz
Substitution ciphers, military encryption devices, hashing, symmetric key algorithms – how well do you know them?
The data breach quiz
Find out how RSA, Sony, Citigroup, Anonymous and the U.S. Senate fit into this watershed year for data hacks
10 IBM design gems
IBM’s corporate design program spans architectural, graphic and industrial design
Hot products from RSA 2011
Security conference showcases the next trends in network security.
2011's 25 Geekiest 25th Anniversaries
RSA Conference debuts new security gear
A range of vendors chose RSA Conference 2010 to unveil their latest products
Top 10 RSA Conference security innovators
Here are the 10 RSA Conference Innovation Sandbox competitors for the title of most innovative security product likely to have a big impact.
2010's 25 geekiest 25th anniversaries