Tools, Techniques, Procedures of the RSA Hackers Revealed

An anonymous reader writes "Details of the tools, techniques and procedures used by the hackers behind the RSA security breach have been revealed in a research paper (PDF) published by Australian IT security company Command Five. The paper also, for the first time, explains links between the RSA hack and other major targeted attacks. This paper is a vendor-neutral must-read for any network defenders concerned by the hype surrounding 'Advanced Persistent Threats.'"

Yummy. Digitally signed root kits.

[sgt+scrub]

IMHO the most important thing in the article is that the malware was digitally signed. This exposes the weakness in digital signatures. Not only for applications and modules(drivers) but UEFI and all of the other "secure boot" ideas.