Reverse Engineering and Networking The A/C Remote Control

IoT has become such a polarizing, overused term. But here it is in its essence: [zeroflow] had a thing (his air conditioner) and he needed to put it on the Internet.

For his contribution to this modern vernacular atrocity, he first had to build an IR debugging tool and reverse engineer the signals coming from the air conditioner’s remote. He wrote up a really good summary of the process, and it is worth reading. He loads up an IR library onto an Arduino and dumps the resulting 32 bits of information to his computer. In a process much like filling in the blanks …

Cyber Security is not for the Faint of Heart

It’s only midweek, but we’ve already witnessed an incredibly active week in the technology and especially the cyber security market: the closing of the Dell/EMC merger; HPE’s sale of its non-core software assets, including ArcSight, a leader in the SIEM space, to British firm Micro Focus; Intel’s sale of a majority ownership stake of McAfee…

The post Cyber Security is not for the Faint of Heart appeared first on Speaking of Security – The RSA Blog and Podcast.

A New Beginning

Today is a new beginning for RSA as we are now a part of the collective team of Dell Technologies, the world’s largest privately controlled tech company. No doubt, many of you are asking what the impact of this merger will be to RSA. I am happy to tell you that RSA’s mission remains unchanged.…

The post A New Beginning appeared first on Speaking of Security – The RSA Blog and Podcast.

The Value of Transaction Risk Analysis for Consumer Authentication

The recent consultation paper set forth by the European Banking Association (EBA) surrounding the call for comments on the regulatory technical requirements for strong customer authentication under PSD2 has created a buzz.  In particular, while the EBA recognizes the “merit” of transaction risk analysis, it has called into question the ability to allow it “as…

The post The Value of Transaction Risk Analysis for Consumer Authentication appeared first on Speaking of Security – The RSA Blog and Podcast.

Not all IDaaS Solutions are Created Equal

As I talk to customers who are looking into leveraging cloud Identity services and are thinking about issues around how and where user data is stored and processed, I sometimes come across a customer who throws up their hands and says something like “the identity data is already in the cloud anyway – at the service…

The post Not all IDaaS Solutions are Created Equal appeared first on Speaking of Security – The RSA Blog and Podcast.

The Perils of Consumer Single Sign-On

From social media to gaming sites, every headline of a new breach makes me groan, “Time to change my password.”  It’s a begrudging task, but I still have not been pwned.  Aside from the risks associated with the common problem of password recycling among consumers, there are far too many online websites that enable consumers…

The post The Perils of Consumer Single Sign-On appeared first on Speaking of Security – The RSA Blog and Podcast.

How do you create a Zero Day vulnerability every day?

The answer is easy: don’t correctly manage the people you let into your business! I have been working in Identity and Access Management for over 10 years, both as the leader of the Identity Services team at JP Morgan Chase and as an Identity Management Architect at RSA. I’ve had countless discussions with customers about…

The post How do you create a Zero Day vulnerability every day? appeared first on Speaking of Security – The RSA Blog and Podcast.

Context in Risk-Based Threat Patterns

Risks come from various sources that are not always possible to identify and subsequently prevent and mitigate in advance. With the growth in cloud, social, mobile and “bring your own device” computing, the size of the attack surface is greater than ever. Many attack scenarios are possible mainly due to the complexity of the network’s topology and…

The post Context in Risk-Based Threat Patterns appeared first on Speaking of Security – The RSA Blog and Podcast.

Major Events and Hacktivism #OpOlympicHacking

Introduction: As anyone who tracks attacks on the internet can tell you, activists using hacking activity, aka “Hacktivists”, have discovered that a relatively basic hacking approach, with buy-in from disenfranchised groups of people, can have significant effects on online businesses. With names like #OpISIS, #OpParis, #OpMonsanto, #OpWhales, #OpKillingBay, #OpKKK, and #OpTrump, you can easily see…

The post Major Events and Hacktivism #OpOlympicHacking appeared first on Speaking of Security – The RSA Blog and Podcast.

Playing Pokemon Go? Read this.

Hands up those who would leave their front door unlocked and all their personal information like passports, identity cards, bank details, their children’s details and even passwords left out for cybercriminals to exploit? Not many of you? Well, you will be surprised because that’s exactly what Pokemon Go players are doing.  If you sign up…

The post Playing Pokemon Go? Read this. appeared first on Speaking of Security – The RSA Blog and Podcast.
