RSA Labs, Page 2

Does DDoS Takedowns Really Change Extortion Rules of Engagement?

The proliferation of account takeovers, DDoS attacks,  ransomware and outright cyber extortion targeting individuals and institutions is not only disrupting the hack attack landscape, but also raising questions around our rules of engagement. How are we supposed to deal with all of this knowing the bad guys aren’t playing by the same rules that we…

Saving two birds with one stone: A new fast and robust coding scheme

There is a lot of important data in our digital world, which – whether in transit or at rest – we want to keep secure and available in the face of unexpected loss or corruption. Error correcting codes (ECCs) are an important tool for achieving reliable data transmission or storage over unreliable networks or media,…

Does EMV Make Online eCommerce Transactions Safer?

Ok, let’s get this quickly out of the way: EMV, the non-swipe chip-embedded credit cards are sturdy barriers against (in-person) credit card fraud.  However, when it comes to card-not-present eCommerce transactions (e.g. online ecommerce) where EMV is not a factor and where cybersecurity threats continue to proliferate, shouldn’t the customer experience be as secure and…

Beware of Greeks Bearing Mobile App Downloads

RSA has been made aware of a new malware attack campaign that targets end-users of online banking applications, which could enable fraudulent wire transactions from victims’ accounts. The attack relies on an Android-based SMS hijacker app that has been branded or “skinned” with RSA SecurID branding to make it appear more credible. This attack targets…

What is the Deep (Dark) Web?

Billions of people use the web on a daily basis. However, most of them usually consume less than 5 percent of its content. This 5 percent is known as the Surface Web, the part of the web whose content can be indexed and found by standard search engines that use link-crawling techniques, like Google, Bing, Yahoo,…

Browser Locked? Call This Number.

A new form of browser locker has recently surfaced.  Browser-lockers are websites or pop-ups that redirect the browser to a website that locks-up the browser.  The user is prevented from continuing any normal operation including closing the offending browser window, opening a new page, or closing the application itself. This new browser locker calls itself…

Peering into GlassRAT

Today RSA is reporting GlassRAT, a previously undetectable Remote Access Tool (RAT) which was discovered by the RSA Incident Response Team and investigated by RSA Research during an engagement with a multi-national enterprise.   While the malware was not detectable by endpoint antivirus products, RSA Security Analytics was able to identify and alert on its network…

More Than Meets The Eye (Part 2): Solving the Browser Lock Ransom Page

In the original More than Meets the Eye blog, we discussed attackers’ ability to hide in plain sight.  A very successful campaign that utilizes this approach is the fake FBI ransom webpage; a fraudulent website that claims to be an FBI property, but then attempts to extort the victim. Figure 1: Fake FBI website This…

How costly is that typo?

Security products are essential for enterprises, vendors and end users to survive the current network environment. Ideally, which security products are to be deployed should depend on the costs and the benefits. While the cost can be easily quantified by the money spent or the deployment and management effort, how to assess the benefit of…

Disruptive Innovation

Innovation is a continual process, building upon the past to improve the future.  Often this means small, incremental steps that chip away at a larger problem.  Sometimes, by accident or design, those changes aren’t so small.  These massive changes are a disruptive innovation that can redefine what is possible. It used to be that the winner…