Malware…there’s an app for that!

“We aim to please, Miss Steele” -E.L James in Fifty Shades of Grey
“Good, Bad. I’m the guy with the gun” -Ash in Army of Darkness
As with the advent of Spyware and Adware, the world of Malware has grown in new directions. While viruses and worms abound and are becoming increasingly (even…

Rogue Mobile Apps, Phishing, Malware and Fraud

By: Limor Kessem
Information highways have long crossed the borders of the static PC over to mobile devices and now, more than ever before, into the realms of that platform. With technology galloping forward, millions of users use mobile devices to access the Internet, shop, pay, check their accounts, work, communicate and socialize. Nowadays, this…

Whitehats vs. Blackhats: Techniques of the Cybercrime Elite Trickle Down to the Public Domain

By Mor Ahuvia, Cybercrime Communications Specialist, RSA
Advances made in the cybercrime world over the past year prove that the trickle-down effect does not only apply to tablet computers and space tourism. Rather, much like real world products, techniques that were once reserved for the cybercrime elite have trickled down to the public domain, bestowing…

Lions at the Watering Hole – The “VOHO” Affair

Collaborative Research by the RSA Advanced Threat Intelligence Team
As part of routine security research, the RSA Advanced Threat Intelligence Team identified a new hacking attack this week that uses a technique that we’ve termed “Watering Hole”. In the new attack we’ve identified, which we are calling “VOHO”, the methodology relies on “trojanizing” legitimate websites…

Read Eric Baize blogs at productsecurityblog.emc.com

Eric Baize is Senior Director of the Product Security Office at EMC Corporation. You can read all of Eric’s new and previous blog posts at: http://productsecurityblog.emc.com/

2012 Faces of Fraud Survey – Podcast #235

Amy Blackshaw, Sr. Product Marketing Manager for RSA’s Identity Protection and Verification business discusses the Information Security Media Group’s 2012 Faces of Fraud Survey and how the banking and financial sectors are proactively protecting themselves and the consumer. http://rsa.edgeboss.net/download/rsa/2012/120709_sos_podcast_amy_blackshaw.mp3

Decoding Service for Audio-Skimmed Credit Card Data Offered in the Underground

A new service recently launched in the underground offers to decode, for cybercriminals, track 2 data (raw information from the magnetic stripe) that was captured in audio format by ATM skimmers. ATM skimmers are devices that criminals install over ATMs to capture the magnetic stripe data along with the victim’s PIN code. Some…

Lessons of a Password Breach – Podcast #234

Dan Shugrue, Principal Product Marketing Manager for RSA’s Identity and Verification Unit discusses lessons learned from recent password breaches at several major internet and social networking sites from both the consumer and business perspective. http://rsa.edgeboss.net/download/rsa/2012/120709_sos_podcast_dan_shugrue.mp3

Stalking the Kill Chain: Position Before Submission

By Alex Cox, Sr. Researcher, RSA Advanced Threat Intelligence Research Group
In Brazilian Jiu Jitsu (BJJ), a modern martial art focused on ground fighting, a common theme among practitioners is the concept of “position before submission”. In other words, the fighter seeks to establish physical and positional dominance before ending the fight with an attack…

A Maturity Model for Security Management

I was in a meeting with a major telecommunications company recently in which they presented their security strategy for the mobile environment. The speaker outlined the threat landscape that they saw themselves confronted with. Then, for each threat, he showed the technology they were using to address that threat.  For lost devices, for example, there…