If you haven’t heard already security buff RSA was hacked through an unpatched exploit in the Adobe Flash Player application. RSA specializes directly in internet technology and business security, with their biggest resource attributed to the SecurID platform. RSA also manages a large “fraud center” which offers leading news and information on protecting both your business and personal lifestyle from serious identity theft.
Adobe Exploit Identified In Microsoft Excel Document
RSA identified in a public statement that the hackers gained access by sending out a batch e-mail to a group of employees that contained attached Microsoft Excel format spreadsheets. The spreadsheet, disguised as a company wide e-mail labeled “2011 Recruitment Plan.xls”, was unfortunately opened by one of the employees. At the time the e-mail was opened, the Excel spreadsheet contained an inclusion known as the “zero-day” exploit, which took advantage of an invulnerability in Adobe’s Flash Player application.
Using a hacker’s version of a remote administration tool (RAT) the deviants then collected important data and information from the employee’s computer (passwords, user-names, sensitive information, etc.) and stored the collected data on an external server they owned and controlled.
 Apparently the target of the attack was a series of data files related to RSA’s SecurID application. SecurID uses two-factor authentication support (passwords and pins, and authenticator IDs) to ensure more enhanced system security, which basically makes hacking a system protected with the software an increasingly difficult process. Obviously the hackers were looking to create a more evident strain of exploits and vulnerabilities in the SecurID software with the collected data and information.
Apparently the target of the attack was a series of data files related to RSA’s SecurID application. SecurID uses two-factor authentication support (passwords and pins, and authenticator IDs) to ensure more enhanced system security, which basically makes hacking a system protected with the software an increasingly difficult process. Obviously the hackers were looking to create a more evident strain of exploits and vulnerabilities in the SecurID software with the collected data and information.
How RSA Handled The Adobe Exploit
A week before RSA announced the security problems to the public (Thursday, March 17) Adobe released a public announcement to reveal the exploit.

The Adobe announcement, made on March 14, stated that, “there are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an e-mail attachment.”
On March 14 it was not clearly evident to the public how serious the exploit really was, nor was it evident that RSA had actually been the target.
Adobe promised that it would release a serious update to patch the exploit, and kept it’s word after releasing an “out-of-cycle” unscheduled update on March 21.
Security issues and bugs are more common than the general public would like to think. As nothing in this world is perfect, technology is no exception to the rule. In the case of such an exploit no one is at fault, neither Adobe nor RSA; unless the flaw isn’t patched safely and securely in a timely manner (which it most certainly was).
Interestingly enough on March 17 an MSRC (Microsoft Security Response Center) manager and security engineer announced in a public blog post that Excel 2010 suffered no such security flaws. Excel 2010 uses DEP (Data Execution Protection) to protect the program from external security attacks, which means the RSA employee who opened the excel document was using an outdated version of Excel [...]
 
No comments:
Post a Comment