RSA Says SecurID Hack Based On Phishing With Flash 0-Day

Trailrunner7 writes "RSA confirmed on Friday that the attack that compromised the company's high-value SecurID product was essentially a small, targeted phishing campaign that included a payload of a malicious Flash object embedded in an Excel file."

Re:And then people wonder

[node+3]

How does that even make any sense? iOS is quite secure, including not being vulnerable to Flash exploits, and if Steve Jobs only wants people to use iOS as "toys", why does Apple sell five creative and business apps for it?

Just because iPhone is a cool phone doesn't make it the best at everything.

I wonder where you got the idea that anyone is claiming that it is.

You can hack an iPhone by visiting a webpage,

Not anymore.

it also got hacked the 2nd day of pwn2own.

Everything gets hacked at pwn2own.

iPhone is a lot like Windows when it comes to people trying to PWN it, so I would say it is probably one of the riskiest phones you can use.

You would say that, but that doesn't make it true. Risk requires actual malicious code. Android is many orders of magnitude more risky than iOS, due to the simple fact that there has been plenty of malware for Android (some of which distributed on the Android Market). The only iOS malware that has ever existed has been for jailbroken devices--which is to say, for devices which the user has deliberately compromised the security of their device.

How you can think this is the sign of a "risky" OS is beyond me.

Remember, Google has had to use their remote "kill switch" on multiple occasions. The very same "kill switch" that everyone got all worked up over when it was presumed that Apple had it on iOS, but has never actually used.