Stories about: RSA

Neosploit, the notorious hacker exploit kit that some thought had been retired months ago, has not only returned from the dead, but is responsible for a dramatic increase in attacks, a security researcher claimed Thursday.

Remember the old M&M analogy - security is like an M&M candy, hard shell on the outside, soft on the inside. In other words, put up firewalls, built a strong perimeter and you're good to go. Of course, nobody believes that M&M-type security is sufficient in today's world of insider threats, data leakage, mobile workers, thumb drives and sophisticated malware. So, what's the new metaphor? We asked around and came up with a number of interesting and useful ways to think about enterprise security.

A security company on Friday asked for help cracking an encryption key central to an extortion scheme that demands money from users whose PCs have been infected by malware.

Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care.

The PCI Security Standards Council, which establishes requirements for the payment-card industry, Tuesday formally launched its payment-application security program.

Many people fear them, but most hackers are no more than simple point and click operators (the basic script kiddie) that are incapable of anything but using tools created by others.

This is a transcript of a keynote address presented at the RSA Conference on Thursday by Dave Hansen, corporate senior vice president and general manager for CA's Security Management Business Unit. The address is titled: "Strategic Security: The Evolving Role of the Security Professional."

SIM (security information management) products have become more accepted as critical components within the network security infrastructure. As such, understanding the criteria for selecting SIMs has become more important. Moreover, in a fast-evolving market segment [SIM becomes SEM (security event manager), becomes SI/EM, becomes ...], it's more important to understand the important architectural differences and implementation requirements than the industry acronyms and product names. A wave of consolidation has already begun to hit the SIM market, but the major issues and deployment criteria span brands and individual technologies.

Art Coviello, President of RSA and Executive Vice President of EMC Corporation, talks to Computerworld's Siobhan Chapman about enterprise threats, IT security spend and the rising threat posed by social networks.

As long as IT managers encrypt data using only one vendor's products, the keys used to decrypt that data can be relatively easy to manage. But it will likely become much more complicated as more vendors build encryption into more and different types of storage devices, each with their own key management system, and as users need to move encrypted data among devices for disaster recovery, legal discovery or simply everyday business communications.

Web security is at the top of customers' minds after many well-publicized personal data breaches, but the people who actually build Web applications aren't paying much attention to security, experts say.