.

RSA SecurID Hacked: 2FA Fob and Software Compromise?

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Mar 18, 2011 9:39 am

RSA SecurID Hacked: 2FA Fob and Software Compromise?

Nice post by Richi Jennings of ComputerWorld with quotes from other blogs on the story.


Egg meets face, as security company 'fesses up to security breach. Are your RSA SecurID keys safe? Or are we panicking too much?

EMC's RSA says its SecurID two-factor authentication system has been "impacted" thanks to a hack attack. It's not clear whether the company's fob or software 2FA tokens have been compromised. In IT Blogwatch, bloggers push the panic button.

Your humble blogwatcher curated these bloggy bits for your entertainment



For full blog:
http://blogs.computerworld.com/17995/rs ... compromise

Don
CISSP, MCSE, CSTA, Security+ SME
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Fri Mar 18, 2011 10:14 am

Re: RSA SecurID Hacked: 2FA Fob and Software Compromise?

I'm seeing a lot of panic on the internet as people speculate a master key compromise or identified vulns in the implementation but we really don't know. The bottom line is this damages the trust relationship with RSA and the SecurID tokens. I think it's a good idea to take a closer look at your CSIRT processes and take this into consideration, but I think the assumption that 40 million 2FA tokens are broken is a bit alarmist. I will tell you that I'm not revoking all the tokens in my environment, but I'm keeping a much closer eye on my VPN gateway/fw and probably will continue to do so until we learn a bit more about the risks associated with this breach.

I also question the whole APT thing which bothers me as we see more and more compromises blamed on APT as if that somehow makes it all OK. It seems lately than anything more advanced than a skiddie attack get blamed on APt and that's just foolishness.
Last edited by tturner on Fri Mar 18, 2011 10:26 am, edited 1 time in total.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Fri Mar 18, 2011 2:15 pm

Re: RSA SecurID Hacked: 2FA Fob and Software Compromise?

RSA Fail - Security Lessons Unlearned
https://infosecisland.com/blogview/1263 ... arned.html

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software