If you haven’t heard already security buff RSA was hacked through an unpatched exploit in the Adobe Flash Player application. RSA specializes directly in internet technology and business security, with their biggest resource attributed to the SecurID platform. RSA also manages a large “fraud center” which offers leading news and information on protecting both your business and personal lifestyle from serious identity theft.
Adobe Exploit Identified In Microsoft Excel Document
RSA identified in a public statement that the hackers gained access by sending out a batch e-mail to a group of employees that contained attached Microsoft Excel format spreadsheets. The spreadsheet, disguised as a company wide e-mail labeled “2011 Recruitment Plan.xls”, was unfortunately opened by one of the employees. At the time the e-mail was opened, the Excel spreadsheet contained an inclusion known as the “zero-day” exploit, which took advantage of a vulnerability in Adobe’s Flash Player application.
Using a hacker’s version of a remote administration tool (RAT) the deviants then collected important data and information from the employee’s computer (passwords, user-names, sensitive information, etc.) and stored the collected data on an external server they owned and controlled.
Apparently the target of the attack was a series of data files related to RSA’s SecurID application. SecurID uses two-factor authentication support (passwords and pins, and authenticator IDs) to ensure more enhanced system security, which basically makes hacking a system protected with the software an increasingly difficult process. Obviously the hackers were looking to create a more evident strain