decipher | Breaking Cybersecurity News | The Hacker News

According to media reports in September, documents released by whistleblower Edward Snowden have confirmed the existence of backdoor in some technologies RSA . Last Friday, The Reuters News Agency accused the Security firm RSA for taking a $10 million ' bribe ' from the National Security Agency ( NSA ) in order promote a flawed encryption by including it in its BSAFE product to facilitate NSA spying . Today In a blog post , RSA has categorically denied accusation about any secret partnership with the National Security Agency to insert backdoor. " Recent press coverage has asserted that RSA entered into a "secret contract" with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation. " " We have never entered into any contract or engaged in any project with the intention of weakening RSA's products " the company said. The company gave the following reasons for choosing and promoting...

If you own a world-renowned Security Product or a Service, National Security Agency (NSA) is ready to pay you 10 Million or more bribe for keeping intentional backdoor for them. According to an exclusive report published by Reuters , there is a secret deal between the NSA and respected encryption company RSA to implement a flawed security standard as the default protocol in its products. Earlier Edward Snowden leaks had revealed that the NSA created a flawed random number generation system (Dual_EC_DRBG), Dual Elliptic Curve , which RSA used in its Bsafe security tool and now Snowden has revealed that RSA received $10 million from NSA for keeping Encryption Weak. So, anyone who knows the right numbers used in Random number generator program, can decipher the resulting cryptotext easily. Recommending bad cryptographic standard is one thing, but accepting 10 million to deliberately implement is something very shameful for a respected Security company. The new ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...