Published on 2011-06-07 by John Collins. Please follow me on Twitter for more:
RSA has finally admitted that their SecurID key ring fobs, widely used for generating secure tokens for two-factor authentication, have been compromised and will need to be replaced or their continued usage closely monitored. The news follows a number of high-profile cracks of systems belonging to US military contractors, like Lockheed Martin.
Considering how widely used these token generators are in large enterprises for VPN (Virtual Private Network) access and other authentication procedures, this crack has wide-reaching implications. More details via the Wall Street Journal: