Lucene search
+L

134 matches found

ThreatPost
ThreatPost
added 2011/06/07 11:37 a.m.14 views

RSA Says Lockheed Attack Not a New Threat to SecurID, But Will Replace Users' Tokens

In the wake of a string of attacks against high-profile users of RSA Security’s SecurID tokens including Lockheed Martin, the company has posted an open letter to its customers, trying to reassure them that the tokens are secure and that the attacks don’t represent a new threat to these businesse...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2011/06/01 3:15 p.m.13 views

Report: L3 Warns Employees Of Attacks Using Compromised SecurID Tokens

Executives at U.S. defense contractor L-3 Communications warned employees in April about an attempt by unknown assailants to compromise the company’s network using forged SECURID tokens from RSA. The report, if accurate would be the second attack on a leading defense contractor with links back to...

0.9AI score
Exploits0References3
The Hacker News
The Hacker News
added 2011/05/28 1:23 a.m.15 views

Hackers broke into Lockheed Martin networks & U.S. defense contractors !

Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/05/24 6:53 p.m.9 views

Report: Norwegian Military Hit by Cyber Attack in March

The Norwegian military has admitted it was hit by a “massive” phishing cyber attack in March, according to a report from Techworld.com. The attack began in an e-mail sent to select members of the defense ministry from what appeared to be another Norwegian government agency. An enclosed attachment...

1.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/04/12 11:51 a.m.40 views

Adobe Flash Bug Being Used in Attacks Via Word Documents

Adobe on Monday warned its customers about a new unpatched vulnerability in its Flash Player application. Officials say that the bug is being used in targeted attacks involving a malicious Flash file embedded in a Microsoft Word document. The Flash vulnerability affects users on Windows, Apple OS...

9.3CVSS1.3AI score0.9941EPSS
Exploits14References3
ThreatPost
ThreatPost
added 2011/04/02 1:25 a.m.30 views

RSA: SecurID Attack Was Phishing Via an Excel Spreadsheet

RSA confirmed on Friday that the attack that compromised the company’s high-value SecurID product was essentially a small, targeted phishing campaign that included a payload of a malicious Flash object embedded in an Excel file. The much-discussed attack on RSA, which the company revealed last...

9.3CVSS0.7AI score0.66821EPSS
Exploits8References4
ThreatPost
ThreatPost
added 2011/03/22 1:36 p.m.14 views

Paul Kocher on the RSA Attack

Dennis Fisher talks with Paul Kocher of Cryptography Research about the details of the attack on RSA, what the attackers might have stolen and what the compromise of the seed file for the SecurID tokens would mean for customers. Podcast audio courtesy of sykboy65 Subscribe to the Digital...

1.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2011/03/21 3:13 p.m.9 views

Back-End Software May Be Real Worry in RSA Attack

The attack on RSA that the company revealed last week raises a multitude of questions about the security of the company’s network and its own internal procedures. But the most important issues the RSA attack brings to the surface concern exactly what the attackers may have been after and what the...

1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/03/18 5:20 p.m.14 views

RSA Warns Customers Of Targeted Attacks In Wake of Hack

RSA, the security division of EMC Corp. has warned customers to be on the lookout for targeted attacks, including suspicious messages and links sent over social media networks in the wake of a sophisticated attack that spilled confidential information about the workings of the company’s SecurID...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2011/03/18 3:11 p.m.31 views

Greg Hoglund Discusses HBGary Mishap

Greg Hoglund, CTO of HBGary, admits that lackluster security played a central role in the breach that led to the release of some 50,000 company emails, but also disputes common understanding and reported details of the hack, going so far as to say there was actually no hack at all. In an intervie...

Exploits0References5
The Hacker News
The Hacker News
added 2011/03/18 2:5 p.m.9 views

After hack, RSA Release Open Letter to RSA Customers !

Just now Top security firm RSA Security revealed by extremely sophisticated hack, Read complete Story here - Now, RSA Release Open Letter to RSA Customers, as given below : Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2011/03/18 11:23 a.m.11 views

Top security firm RSA Security revealed by extremely sophisticated hack !

Top security firm RSA Security revealed on Thursday that it's been the victim of an "extremely sophisticated" hack. The company said in a note posted on its website that the intruders succeeded in stealing information related to the company's SecurID two-factor authentication products. SecurID ad...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2011/03/18 12:45 a.m.9 views

RSA Hack Yields SecurID Secrets

RSA Security, a division of EMC Corp. has admitted that it was the victim of a sophisticated attack that resulted in the theft of secrets related to its SecurID two-factor authentication product. The disclosure came in a blog post by RSA chief Art Coviello on Thursday. Coviello said that the...

1.4AI score
Exploits0
NVD
NVD
added 2010/10/07 9:0 p.m.22 views

CVE-2010-3321

RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS11 API...

1.5CVSS6.1AI score0.00263EPSS
Exploits0References2
Prion
Prion
added 2010/10/07 9:0 p.m.25 views

Authentication flaw

RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS11 API...

1.5CVSS6.5AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2010/10/07 8:21 p.m.50 views

CVE-2010-3321

Summary: CVE-2010-3321 affects RSA Authentication Client 2.0.x, 3.0, and 3.5.x prior to 3.5.3 when used with RSA SecurID 800 authenticators. The secret key objects stored on the authenticator can be extracted due to the PKCS#11 objects being tagged as SENSITIVE and NON-EXTRACTABLE, which should p...

1.5CVSS6.3AI score0.00263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2010/10/07 8:21 p.m.31 views

CVE-2010-3321

RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS11 API...

6.1AI score0.00263EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2010/06/28 12:0 a.m.43 views

RSA Authentication Agent for Web Buffer Overflow (CVE-2005-1471)

The RSA Authentication Agent for Web for Internet Information Services IIS provides protection for selected web pages by securing them with the RSA SecurID authentication mechanism. When a user attempts to access a resource that is secured with the RSA SecurID, the RSA Agent authenticates the use...

7.5CVSS7.6AI score0.02634EPSS
Exploits4
Packet Storm
Packet Storm
added 2010/02/12 12:0 a.m.28 views

RSA SecurID Cross Site Scripting

Title: RSA SecurID XSS Discovered 12-11-2008 Discovered By: s4squatch of SecureState R&D Team www.securestate.com Vendor Notified: 10-07-2009 Vendor Response: 10-08-2009 Version: Unknown -- DLL does not contain version, therefore vendor says it is outdated and not supported. POC:...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/02/11 12:0 a.m.25 views

RSA SecurID XSS Vulnerability

Exploit for unknown platform in category web applications ============================= RSA SecurID XSS Vulnerability ============================= Discovered 12-11-2008 Discovered By: s4squatch of SecureState R&D Team www.securestate.com Vendor Notified: 10-07-2009 Vendor Response: 10-08-2009...

7.1AI score
Exploits0
Rows per page
Query Builder