NSA Recommendations for RSA SecurID Users After Cyber Intrusion

Sun, Apr 24, 2011

On March 17, 2011, RSA announced that it had been the victim of a cyber intrusion, and as a result, information related to its SecurID product – a two-factor authentication device – had been compromised. According to RSA, the compromise does not lead to a direct attack on SecurID, but it does decrease its effectiveness.

In reaction to the RSA cyber intrusion, The National Security Agency (NSA) released Information Assurance Advisory No. IAA-003-2011: Recommended Actions for SecurID Users in Response to RSA Cyber Intrusion. This advisory expands on the information previously released by NSA via Information Assurance Alert No. IAR-001-2011: Mitigations for the RSA Cyber Intrusion, and provides additional guidance on:

· The use of SecurID hard tokens and soft tokens
· Fortifying the security profile of SecurID’s authentication factors
· Measures to harden SecurID’s Authentication Manager

Light Point Web 0.8 Complete

Thu, Apr 21, 2011

We have just wrapped up development and deployment of Light Point Web 0.8. We released 0.7 just over a month ago, so this release isn’t much different. However, our 0.7 beta did not go so well, so 0.8 is mainly just fixing the problems we found with 0.7.

How to Protect Yourself From the Epsilon Security Breach

Sun, Apr 10, 2011

Epsilon, one of the largest email marketing companies, was affected by a major security breach that resulted in the compromise of the email lists of some of its clients, including JPMorgan Chase, Capital One, TD Ameritrade, and Citi. The names of the companies impacted by the breach are slowly being released by Epsilon, and it is expected that the list will slowly grow over time. Only the names and email addresses of customers have been compromised in most cases. This means that the threat is relatively low for those of us that practice good security. However, there is still a threat. Here is what you may see if you are the customer of one of the affected brands, and what you can do to protect yourself.

Search

@LightPointSec on Twitter

  • Massachusetts General Hospital data breach affects 4.3K patients https://t.co/jOBbPAlf8q by @gregmasters21 38 minutes ago
  • Flash or HTML5? Malvertising-Makers Will Happily Hijack Both https://t.co/T70cXqnWrY 1 day ago
  • Clinton’s private e-mail was blocked by spam filters—so State IT turned them off https://t.co/FEufRVuhJS via @thepacketrat 1 day ago
  • RT @thecyberwire: 2016 Cyber Security Hall of Fame nominations are now open. Due on July 20th. Check out https://t.co/RH4soroNAg #cybersec 1 day ago
  • @thecyberwire Thanks for the shout out! Much appreciated! 2 days ago