SecureID compromised

RSA Security will be replacing the 40 million SecurID tokens currently in use as a result of a reported attack on RSA last March. The company recently sent a letter to customers acknowledging that SecurID failed to protect defense contractor Lockheed Martin and several other clients as a result of the attack.

SecurID tokens are used in two-factor authentication systems. Two-factor authentication has been considered by many to be the gold standard for secure IT access. The idea is that you must have two things, something you have (such as a token) and something you know (such as a password).

SecurID is the token, which will present a number to the user that changes every 30 seconds. The algorithm that matches the number to the token may be part of what was stolen from RSA's data systems. The thieves now have one of the two factors figured out, so if you have a weak password as the second factor, the thieves will be able to penetrate your secure system.

More details can be found here.

One time use anti-virus/anti-malware software

You can get a free PC safety scan by using the Microsoft Safety Scanner, a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware and other malicious software. It works with your existing anti-virus (AV) software.

The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again. This tool is not a replacement for using an AV software that provides on-going protection.

So why would you use this scanner? It is good for those times when you think you might have a virus or you don't trust that your usual AV software is catching all the threats out there. This tool allows you to run a one-time, on-demand scan, and works as a good "backup" security tool for your PC.

Learn more and download at http://www.microsoft.com/security/scanner/en-us/default.aspx