Follow up – RSA SecurID servers hacked

Following up to the mid-March report that RSA had been hacked, it appears that Adobe Flash was ultimately behind the exploit. MS Excel documents embedded with Flash files (.swf) that exploited a zero-day Flash vulnerability, were opened by an RSA employee installing the Poison Ivy remote admin tool. This provided hackers access to RSA’s corporate networks where they searched for and uploaded sensitive information to external servers.
While Flash has become a bastion of woeful vulnerability, this case provides a good reason to upgrade your enterprises to Office 2010. 2010 leverages DEP (Data Execution Prevention) and sandboxes files inside of office files, via “Protected View.” Had RSA been running Office 2010, this breach would not have happened.
[via NetworkWorld]

No comments:

Powered by Blogger.