Benjamin Franklin once said, “If you fail to plan, you plan to fail.” This quote summarizes the importance of online encryption policy and hands-on implementation within an organization. Though you may have the best IT department in the world and advanced computing resources, if there are no wri...
Cryptography researcher Arjen Lenstra has this week responded to criticism of a paper he co-authored that claimed to uncover weaknesses within the implementation of the RSA encryption system. RSA, a division of IT giant EMC, says that there’s nothing wrong with the RSA algorithm, it’s an...
via Newsfactor A leading security certificate authority, GlobalSign, has announced it will stop issuing new certificates pending an investigation into security threats. The action comes following an earlier announcement that a hacker or group of hackers had compromised several issuers of certifica...
via LA Times A major cyber-attack in Europe that apparently was launched from Iran has revealed significant vulnerabilities in the Internet security systems used to authenticate websites for banking, email and e-commerce around the world. The attack this summer wreaked havoc in the Netherlands, w...
via Computerworld After breaching the Dutch CA (Certification Authority) DigiNotar, Iranian hackers managed to sign forged certificates for the domains of spy agencies CIA, Mossad and MI6. Leading certification authorities like VeriSign and Thawte were also targeted, as were Iranian dissident sites....
via Information Week A group apparently taking a page out of the LulzSec playbook claims to have broken into the network of the Defense Information Systems Agency (DISA) and stolen sensitive information it plans to post online. The Crazies–which like Anonymous, AntiSec, and the now-defunct Lul...
via CRN RSA, the Security Division of EMC (NYSE:EMC), has named as its new security chief Edward Schwartz, who takes the position amid heated criticism over a SecureID data breach that left many of RSA’s high profile customers vulnerable to cyber attacks. RSA confirmed Schwartz’s appoint...
via Network World When RSA CEO Art Coviello disclosed that the company had suffered a security breach, he categorized the attack as an Advanced Persistent Threat (APT). He also described the breach as a “an extremely sophisticated cyber attack in progress being mounted against RSA.” In g...