Latest news
RSA enhances risk-based authentication solution
Posted on 21 November 2012.
RSA announced enhancements to the RSA Adaptive Authentication On Premise solution designed to help organizations in wide range of industries achieve the right balance of security against advanced threats, like those posed by Zeus, Citadel and the recently discovered Gozi Prinimalka Trojan, without compromising end user experience.
According to recent research by Aite Group, account takeover attacks resulted in over $400 million in losses in 2011, which are expected to grow by 94% to nearly $800 million by 2016. Powered by the RSA Risk Engine, the RSA Adaptive Authentication solution is engineered to mitigate the risk of account takeover by using a 'Big Data' approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity.
With an estimated 30 million pieces of malware targeting end users for account takeover, the latest RSA Adaptive Authentication solution is built to address changing customer requirements for convenience and ease of use while providing effective security against cybercriminal threats.
Organizations are constantly battling new forms of advanced threats. By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise solution is engineered to address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks, including Gozi Prinimalka, in an attempt to compromise end user accounts.
With the RSA Adaptive Authentication solution, anomalous interactions are detected and flagged to the organization that can then take action to block, monitor or require additional authentication measures to complete a transaction.
RSA Adaptive Authentication includes new features designed to:
HTML injection protection – Detects and flags fraudulent changes to end users' browser display via MITB attacks which attempt to either manipulate payments or harvest additional user credentials like social security number, credit card number or PIN.
Man vs. machine protection – Defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts. RSA Adaptive Authentication software utilizes innovative Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input. Additionally, the RSA Adaptive Authentication solution differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly.
Proxy attack detection – Cybercriminals utilize proxy attacks to log on to banks from a proxy IP address that can allow penetration of user accounts via the genuine end user IP to gain positive device identification. RSA Adaptive Authentication solutions determine when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and dynamically adjusts the risk response appropriately.
According to recent research by Aite Group, account takeover attacks resulted in over $400 million in losses in 2011, which are expected to grow by 94% to nearly $800 million by 2016. Powered by the RSA Risk Engine, the RSA Adaptive Authentication solution is engineered to mitigate the risk of account takeover by using a 'Big Data' approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity.
With an estimated 30 million pieces of malware targeting end users for account takeover, the latest RSA Adaptive Authentication solution is built to address changing customer requirements for convenience and ease of use while providing effective security against cybercriminal threats.
Organizations are constantly battling new forms of advanced threats. By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise solution is engineered to address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks, including Gozi Prinimalka, in an attempt to compromise end user accounts.
With the RSA Adaptive Authentication solution, anomalous interactions are detected and flagged to the organization that can then take action to block, monitor or require additional authentication measures to complete a transaction.
RSA Adaptive Authentication includes new features designed to:
HTML injection protection – Detects and flags fraudulent changes to end users' browser display via MITB attacks which attempt to either manipulate payments or harvest additional user credentials like social security number, credit card number or PIN.
Man vs. machine protection – Defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts. RSA Adaptive Authentication software utilizes innovative Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input. Additionally, the RSA Adaptive Authentication solution differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly.
Proxy attack detection – Cybercriminals utilize proxy attacks to log on to banks from a proxy IP address that can allow penetration of user accounts via the genuine end user IP to gain positive device identification. RSA Adaptive Authentication solutions determine when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and dynamically adjusts the risk response appropriately.
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
