Tuesday, May 29, 2012

RSA SecurID software token cloning: a new how-to

This attack bypasses protections built in RSA's 2-factor authentication system.

Image source: Article
The RSA seed value is easy to obtain and copy by anyone with access to a computer that's lost, stolen, or has been compromised with a backdoor trojan.

Are you blindly trusting your RSA tokens? Read the article to find out. Or are you using GuardTime keyless signatures to prove they have not been compromised?

No comments: