It seems there is more to the RSA intrusion than was made public. Has anyone read how LM detected the attack? I'm guessing that their SEIM alerted to an increase in RSA account lockouts?
On Tue, May 31, 2011 at 9:42 AM, Andrew S. Baker <[email protected]> wrote: > *In today’s security news…* > > Good morning: > > There was sustained attach on the network of Lockheed Martin, which appears > to be related to the earlier attack on RSA’s security token > infrastructure<https://www.nsslabs.com/research/analysis-briefs/rsa-breach.html> > . > > · > http://www.computerworld.com/s/article/9217125/Lockheed_Martin_Attack_Signals_New_Era_of_Cyber_Espionage > > · > http://www.computerworld.com/s/article/9217126/Lockheed_Martin_acknowledges_significant_cyberattack > > Thankfully, it was unsuccessful, due to the diligent efforts of the > security team at Lockheed Martin (and possible support from Homeland > Security), but I expect that it will be the first of many attempts against > other organizations that use RSA tokens… > > > > *ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) > *Harnessing the Advantages of Technology for the SMB market... > > * > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
