RSA Says SecurID Hack Based On Phishing With Flash 0-Day

← Back to Stories (view on slashdot.org)

RSA Says SecurID Hack Based On Phishing With Flash 0-Day

Posted by timothy on Friday April 1, 2011 @07:16PM from the not-straight-but-chaser dept.

Trailrunner7 writes "RSA confirmed on Friday that the attack that compromised the company's high-value SecurID product was essentially a small, targeted phishing campaign that included a payload of a malicious Flash object embedded in an Excel file."

6 of 153 comments (clear)

Min score:

Reason:

Sort:

Wait wait hold up by atari2600a · 2011-04-01 19:39 · Score: 5, Interesting

You can embed flash in excel files!? WHY WOULD YOU DO THAT
1. Re:Wait wait hold up by Joce640k · 2011-04-01 19:43 · Score: 5, Funny
  
  You don't put background music in the spreadsheets you email to people? Weird. Numbers are so boring without some Slipknot playing.
  
  --
  No sig today...
Simple question: securid seeds? by rtfa-troll · 2011-04-01 19:51 · Score: 5, Interesting

Dear RSA; speaking as a customer; we need a simple answer to the question:

has the securid seeds database been compromised?
anything else you announce is fluff.

--
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
1. Re:Simple question: securid seeds? by 93+Escort+Wagon · 2011-04-01 20:04 · Score: 5, Informative
  
  Dear RSA; speaking as a customer; we need a simple answer to the question:
  
  has the securid seeds database been compromised?
  anything else you announce is fluff.
  We use a LOT of SecurID tokens at our university, and the group that manages them has been way too quiet since this happened. But today they sent an email out - no mention of the RSA breach, just that they have decided to "retire the SecurID tokens early to save money" and are replacing them with a different product.
  So I'm guessing they think the seeds database has been compromised.
  
  --
  #DeleteChrome
2. Re:Simple question: securid seeds? by rtfa-troll · 2011-04-01 21:49 · Score: 5, Interesting
  
  And just to amplify this with a bit of Wikipedia manipulation; have a look at this edit which comes from 128-221-197-57.emc.com, Where EMC is RSA's parent company, which I found from this article which also includes an RSA letter which they are supposedly sending out to customers.
  Full disclosure to all affected users; it shouldn't be a matter of dispute. It should be the law.
  
  --
  =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
Re:Thanks again ADOBE by trifish · 2011-04-01 22:32 · Score: 5, Insightful

.. for the all-present loophole known as FLUSH (and as Flash in your HQ) and also to MicroSoft for their mega-secure OLE, etc, etc
Sad part is trying to live without Flush and MS, is darned near impossible. The other massive and all-present loophole, also (hmm, note this) from ADOBE if PDF..... they should stick to writing PhotoShop and can all the other stuff they have tried and messed up.
You're kidding right? The attack did not succeed because of Flash or Microsoft. It succeeded because social engineering (phishing being the kind thereof) simply works. And it will work even if the employee is running Linux without Flash. Why? Because (wait for the suprrise here) -- drumrolls -- Linux has 0-day exploits too.