Eternal Flame

The Eternal Flame is something you’ll probably recognize as the ever-burning fire in ancient Greece; but in fact it has deeper roots in the Middle East. The first records of such a custom are, interestingly enough, set in ancient Iran and Israel. The security industry’s skies are now alight with Flame, the latest discovery in…

The Ultimate Defense Against Advanced Persistent Threats

Sorry about that, I knew the title would pull you in…but what I have to say will, in the end, support the headline. The reason for the showmanship is that if the title had been “End User Training and Awareness is Important” or “Training End Users Will Help Your Bottom Line” you may not have…

Configuring the Human Firewall

These days it seems every single attack out there is called an ‘APT’, but the truth is that ‘real’ APT attacks are actually much more rare and are generally not in the public domain. When planning an APT, social engineering is the most important tool in the cybercriminal toolbox. So how…

Telling the Story: Using Narrative in Talking about Security

I had the opportunity recently to speak about “Advanced Security” at the Evanta CISO Executive Summit event in Houston.  Just before going onstage for my presentation, I had a great conversation with David Frazier (Director of IT for Halliburton) about the approaches he’s taken not only in security strategy, but in discussing security with the…

The eDead Trojan: A Synopsis of Geo-Targeted Spyware

While RSA FraudAction Research Labs does not usually focus on pure-play spyware, which is solely interested in users’ keyword searches and browsing habits, over the past year, the Lab has repeatedly detected and handled strains of malware called the eDead Trojan[1]. This highly-targeted spyware code was developed for the sole purpose of collecting keyword search…

Our thoughts on the RSA SecurID software token research

Guest Blog Post by Dan Schiappa, Senior Vice President, Identity & Data Protection
In the security business, scrutiny by customers, peers and researchers is a fundamental industry principle. RSA embraces this principle — our Public Key Encryption algorithm, for example, has withstood more than 30 years of scrutiny and remains a foundational underpinning for secure…

Trust them not to go around killing people!

I recently hosted a dinner debate for a number of C-level attendees in London. The topic of discussion for the evening was the one topic that everyone is talking about – namely Advanced Persistent Threats. The discussion quickly moved on to what should organizations be doing to protect themselves against APTs? On the basis that…

Stop climbing through the haystack to find the needle: Use a magnet

by Barrett Mononen – Sr. Product Marketing Manager, RSA
A few weekends back I had the pleasure of going to the local children’s museum with a young nephew of mine. One of the attractions was a magnet from an old aircraft carrier’s radar system – it was huge and really powerful. The sign explained what…

Online Dating, Online Fraud: It’s All Relative

To me, online dating these days is not much different than online fraud.  I speak from personal experience on both – as someone who has experienced the thrills of online dating sites (NOTE sarcasm here) and has the privilege of witnessing the latest online scams that fraudsters pull on a daily basis.  I live in…

Citadel Outgrowing its Zeus Origins

By Limor S Kessem, Cybercrime and Online Fraud Communications Specialist, RSA
As of April 30th, 2012 the Citadel Trojan was at its fourth upgrade with Version 1.3.4.0 already in the hands of its customers. Citadel’s features, bug fixes and added modules (each priced separately), have long gone beyond what Zeus ever offered as Slavik’s zeal…