Tag Archives: Breach

Updated SSL/TLS Deployment Best Practices

September 23, 2013 by Bruce Morton     No Comments

First, I would like to than Ivan Ristic for his development of the SSL/TLS deployment Best Practices document. This is a simple overview of what a Web server administrator should consider in an SSL deployment. I am also looking forward to Ristic’s book, “Bulletproof SSL/TLS and PKI,” which hopefully will be released sometime soon. Version [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: Breach, CASC, Ivan Ristić

SSL News from Black Hat and DEF CON 2013

September 17, 2013 by Bruce Morton     No Comments

Every year we review some of the presentations at Black Hat and DEF CON that discuss SSL, TLS and HTTPS. Here is the list from 2013. The Factoring Dead: Preparing for the Cryptopocalypse Download: Slides by Alex Stamos, Tom Ritter, Thomas Ptacek and Javed Samuel This presentation looked into the recent leaps in solving discrete [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: Breach, C.R.E.A.M., DEF CON

Twitter Latest Victim of Weak Password Breach

November 12, 2012 by Mike Byrnes     No Comments

Today, it’s Twitter who fell victim to a breach from weak passwords

Sophos Breach Tied to Partner Portal

April 6, 2012 by Jon Callas     2 Comments

Security Week reports in, “Sophos Kills Partner Portal After Suffering Breach” that the security firm Sophos has disabled its partner portal after discovering a breach. They aren’t saying much yet — kudos to them for their disclosure and response — but they think that the breach came from an older part of their portal, and [Read More...]

Filed Under: General Tagged With: Breach, SC Magazine, security

Potential Breach Affecting VISA, MasterCard — EMV Won’t be Here Soon Enough

March 30, 2012 by Mike Byrnes     No Comments

Brian Krebs scooped a major story yesterday about a potential major credit card breach at a U.S.-based payment processor affecting both VISA and MasterCard. The news made headlines across top media outlets for good reason: this is NOT the first major credit card breach. 2011 saw a wrath of breaches including Epsilon and Sony, not [Read More...]

Does RSA understand what happened to them?

January 20, 2012 by Jon Callas     No Comments

Blogmaster Note: This was originally posted on January 18,  2012 to ComputerWorld UK’s Security Spotlight Blog . This was not just an attack on RSA, it was an attack on all of us. In Tim Greene’s article, “RSA security breach has silver lining, says CEO,” he quotes Art Coviello as saying “…we were able to [Read More...]

Filed Under: General, Identity Assurance Tagged With: RSA, RSA breach, SecurID

RSA got you down, Maybe it’s time to Trade Up!

July 14, 2011 by Dave Rockvam     No Comments

As we all have seen in the media, as well as heard from our customers, cyberthreats are an escalating problem for enterprises, financial institutions, governments and even individuals. These threats are as basic or as sophisticated as necessary to perpetrate the desired outcome of those doing the attacks.

The Time is Now

July 13, 2011 by Dave Rockvam     No Comments

Today, Entrust announced a hard token replacement program for organizations switching to Entrust IdentityGuard

Filed Under: Identity Assurance, Mobility Tagged With: Breach, IdentityGuard, mobile

When things are moving just a bit too quickly. . . the whirlwind of data breaches!

May 30, 2011 by Scott Perry     No Comments

I’ve just coined a new term – at least I think I can take credit for it – and remember, you heard it here first: “Breach Speed” . I derived it from the dramatic speed at which data breaches are occurring.  Borrowing from the Urban Dictionary, I’d see it something like this: Breach Speed: A [Read More...]

Filed Under: General Tagged With:

Pay for a secure Internet ID? Perhaps the time has come.

April 27, 2011 by Mike Byrnes     No Comments

“Wow – 77 million PlayStation accounts hacked – that’s huge!  Dad , did you see this internet fraud story?”  My 13 year old is not a big gamer nor does he care that much about internet fraud (though he is a good sounding board when I am working through issues), but when he saw the [Read More...]

Filed Under: Citizen eID Tagged With: epsilon, fraud, internet security