Six Keys to Successful Identity Assurance – Broader Ecosystem

Earlier in this blog series, we discussed anomaly detection and machine learning focusing primarily on examples that included information you could expect to be available from the system that provides your identity assurance. It’s likely, however, that there is much more data that can be leveraged for making system access decisions in your current IT…

Is the cyberworld doomed to be unsafe forever?

Before seeking an answer, let’s question the question. I recently returned to the cybersecurity industry and (re)joined the good fight to secure the cyberworld. As the digital era unfolds, it feels good to be part of this mission-driven industry to help create a safe digital future. While a lot has changed, and there have been great…

GET TO THE CHOPPAH

A new variant of this tool, previously reported in 2013 by TrendLabs, was submitted to VirusTotal from the Philippines on March 27th, 2017. Its original filename, 2017.exe, was prescient since it has the ability to exploit CVE-2017-5638 and other previous Apache STRUTS vulnerabilities. File Details File Name: 2017.exe File Size: 107008 bytes MD5:        …

Yin and Yang: Two Views on IAM – HR vs Identity Management

By Steve Mowll and Chris Williams POINT: NEWS FLASH identity management people, HR is not here to feed you with identity data! Steve Mowll, Systems Engineer, RSA Identity management teams may believe it is the human resource (HR) department’s responsibility to be an identity management provider. Unfortunately for IT, or fortunately for HR, it is…

What’s Really at Risk With Reputation Risk

When boards express anxiety about cybersecurity risk, one of the foremost fears they face is reputation risk. Why is that? Because cybersecurity failures do cause reputation damage, and reputation risk is scary. A security failure can immediately bring unwelcome headlines, hits to the share price and probing questions from business partners Security failures can also…

Black Hat Asia NOC: Malware visibility

By Chris Thomas and Mike Sconzo In the Black Hat Asia NOC we worked to ensure the wireless network was available for presenters and attendees. As part of our monitoring, we kept an eye open for any malware present on the network. RSA NetWitness® Suite’s Malware Detection capabilities look for network sessions containing file-types typically…

Six Keys to Successful Identity Assurance – Machine Learning

In our last discussion on the six keys to an identity assurance strategy, we talked about anomaly detection. In that blog, we discussed recognizing normal and abnormal behavior. Recognizing this behavior, and adapting to changes in that behavior, is where the topic of this blog starts as our next key component of an identity assurance…

A Different Take on Keystroke Logging

On March 29th a file was uploaded to VirusTotal containing a fake Microsoft Update Authenticode certificate. Soon thereafter, RSA Research investigated the sample based on certain artifacts that matched those present on Shell_Crew malware RSA Research previously reported on. This Windows DLL file was compiled on October 28th, 2014 at 06:35:47 GMT (Table 1). File…

The Fiesta Exploit Kit – Not So Festive After All

Exploit kits (EK) are a very popular with attackers to compromise a target system. The ease of use and its success rate compared to other infection vectors are among the reasons attackers are attracted to using these kits. In recent years, exploit kits were used to deliver ransomware, the most famous of which was the…

Six Keys to Successful Identity Assurance Strategy: Anomaly Detection

In granting access to users, understanding their behavior goes a long way towards providing frictionless security. As part of our blog series, Six Keys to a Successful Identity Assurance Strategy, we continue to explore going beyond simple two-factor (2FA) or multi-factor authentication (MFA) to create a successful identity assurance strategy for your organization. Previously, we…