Click here to listen/download (9:51).
After a week’s break, we’re back with highlights and sound bites from RSA Conference 2006, including Bill Gates and our own Art Coviello; what’s coming up on the RSA Security Web Seminar Series calendar; and our monthly visit from Shannon Kellogg, director of government and industry affairs, with his take on the government buzz around taking down cyber criminals.
Related Links:
On-Demand Replays of the RSA Conference Keynote Addresses
RSA Security Web Seminar Series
Original post by blog@rsa.com (Podcast Producers)
Computer security Systems
“The Web is an information space. Human beings have a lot of mental machinery for manipulating, imagining, and finding their way in spaces.”
A layman’s Guide to User Centric Identity
In a previous piece I suggested that the vast majority of low value transactions in tomorrow’s more web-enabled world can be dealt with through a risk-based and transactional approach (“Adaptive Authentication” or “Risk-Based Authentication”). As we move up the value chain we reach a lower volume of higher-value transactions where we move beyond Pseudonymous Authentication and where there is a clear requirement for a more meaningful and persistent linkage to our “Identity”.
This mega blog entry is an attempt to develop an analogy that makes the central issue of User-Centric Identity accessible to anyone who is not an “Identity Savant”, thereby opening an important debate to a wider audience.
Original post by blog@rsa.com (John Madelin)
Computer security Systems
RSA Conference 2006 – San Jose, California – Day Three
Today shouldn’t be quite as hectic so I can just roam around and check out the happenings at the conference. I really plan on enjoying this, and I appreciate the opportunity RSA gave me to get my thoughts out this week.
The panel discussion I was on yesterday went well. My message was that if you are a financial institution and you are mandated to implement strong authentication, be very careful. Your consumer/users are concerned about security, but they want it to work seamlessly. Don’t implement something that would damage their experience with your deliverable. And allow yourself enough time to properly implement whatever solution you select. I believe all of the panelists agreed on those messages. For PSECU, I’m confident that the risk-based authentication that RSA Cyota offers was the right one.
Original post by blog@rsa.com (Kevin Doyle, CISSP, CISM)
Computer security Systems
RSA Conference 2006 – San Jose, California – Day Two
Hello everyone. I’m new to this, so forgive me if I don’t follow “blog etiquette”, if there is such a thing.
I got to San Jose late last night. Because of my directionally-challenged nature and the registration process (extra step for speakers), I didn’t get to the first keynote (John Chambers – President & CEO, Cisco Systems) on time. From what I did hear, it sounded very good. The demo at the end was interesting. The CSM tool looks like a nice add-on to Cisco’s infrastructure, allowing you to better manage the security of the network.
Backing up a little, I have to say that this is my first RSA Conference…
Original post by blog@rsa.com (Kevin Doyle, CISSP, CISM)
Computer security Systems
Click here to listen/download (7:14).
This week, while onsite at RSA Conference 2006, RSA announces two new RSA SecurID® token options and a plan for embedding RSA SecurID strong authentication technology in more of the objects we all use every day. Listen for more. Also, Speaking Security blogger and RSA’s vice president of research and chief scientist, Burt Kaliski, makes his podcast debut with some ideas about how cryptography is preparing for the long term.
Related Links:
This Week’s Press Releases
RSA Laboratories
Original post by blog@rsa.com (Podcast Producers)
Computer security Systems
Yep, I got one too: An officious e-mail that starts off by saying, “We regret to inform you that your online profile was not successfully updated and your Skype account has been temporarily suspended…,” blah, blah, blah. Of course, the e-mail is a phish. It didn’t originate from Skype.
If you haven’t been keeping up with the terminology recently, phishing attacks are attempts to get consumers to reveal account details or personal information about themselves. The attacks use all sorts of methods, including ‘spoofed’ e-mails and fake websites that often look identical to the real ones. Some attacks go further, by enticing the unwitting user into installing malware such as keystroke loggers onto their computers.
According to Gartner, direct phishing-related loss to US banks and credit card issuers in 2003 was US$ 1.3 billion. Indirect losses are much higher […] Phishing also causes substantial hardship for victimized [...]
Original post by Kurt
Computer security Systems
Click here to listen/download (9:54).
Get the latest about the new RSA SecurID Appliance 2.0 and our BIG win in Japan; meet guest blogger, RSA Security and Cyota customer, Kevin Doyle, information security manager for the Penn. State Employees Credit Union; find out which RSA products received Product of the Year awards from Information Security magazine; and learn about Vantage, a magazine for the information security professional.
Related Links:
About the RSA SecurID Appliance 2.0
New RSA Security Customers
Subscribe to Vantage Magazine
RSA SecurID
Original post by blog@rsa.com (Podcast Producers)
Computer security Systems
As I rolled out of bed this morning, I found a huge amount of thread notifications about vundo. Made my way to the threads to find news of a new variant. Vundofix.exe is updated and now targets “MFCOptimizeClass Object”. Other than the new BHO this variant is the same as all others. It gives those wonderful winfixer popups that you all know and love.
I posted more info on the frontpage of Atribune.org
Read more at atribune
Malware