Monday, April 11, 2011

Anatomy of the RSA compromise

This blog post from the RSA explains how the attackers gained access to their data.

In a nutshell, the attackers used social engineering to let an employee open an Excel Spreadsheet that contained a Flash object  ( zero-day CVE-2011-0609). Once they back-doored the computer, they used the credentials to gain further access on the network (privileged accounts and systems) and they stole the data.

No comments:

Post a Comment