https://community.isc2.org/t5/Industry-News/RSA-Authentication-Manager-backup-files-RSAbackup/m-p/4025#M402 <P>I'm auditing our RSA Authentication Manager 8.x system used for SSL VPN 2FA for remote access.</P><P>I came across a file share containing RSA backup files in YYYYMMDD####.RSAbackup filename format and RSABACKUP File types.&nbsp; Obviously this share needs to be locked down, <U>but it begs the question, what could a attacker do with this backup file?</U>&nbsp; What could they learn from it?&nbsp;&nbsp; It appears encrypted.&nbsp; If perimeter security is breached and they have internal access and stumble across this backup file, then&nbsp;they are already inside...&nbsp;</P> Thu, 30 Nov 2017 18:41:26 GMT Campbell3336 2017-11-30T18:41:26Z https://community.isc2.org/t5/Industry-News/RSA-Authentication-Manager-backup-files-RSAbackup/m-p/4025#M402 <P>I'm auditing our RSA Authentication Manager 8.x system used for SSL VPN 2FA for remote access.</P><P>I came across a file share containing RSA backup files in YYYYMMDD####.RSAbackup filename format and RSABACKUP File types.&nbsp; Obviously this share needs to be locked down, <U>but it begs the question, what could a attacker do with this backup file?</U>&nbsp; What could they learn from it?&nbsp;&nbsp; It appears encrypted.&nbsp; If perimeter security is breached and they have internal access and stumble across this backup file, then&nbsp;they are already inside...&nbsp;</P> Thu, 30 Nov 2017 18:41:26 GMT https://community.isc2.org/t5/Industry-News/RSA-Authentication-Manager-backup-files-RSAbackup/m-p/4025#M402 Campbell3336 2017-11-30T18:41:26Z