RSA Compromise Associated with Solitary Phishing E-Mail, Claims F-Secure
According to F-Secure, an e-mail containing an Excel document of the booby trapped kind that an EMC recruiter received helped for hacking into a highly revered computer security firm namely RSA. Business Center published this dated August 26, 2011.
Reportedly, having a text, which suggests that the e-mail sender is forwarding the document for examination by the e-mail recipient after clicking and viewing it, the message probably is maliciously responsible for attackers to breach the online security of RSA followed with capturing its extremely secret data.
Moreover, after getting dispatched on March 3, 2011, the e-mail was uploaded to the non-chargeable scan engine VirusTotal on March 19, 2011, forty eight hours following RSA's public disclosure that some PC attackers had broken into its security in the most horrible kind that ever happened.
Security investigators at F-Secure say for sure that the e-mail was the thing which resulted in the RSA hijack. In case real, the discovery gives indication of the trickery's type which was actually social engineering.
Incidentally, Timo Hirvonen anti-malware analyst at F-Secure found the e-mail deep inside the innumerable offers stacked within the massively-sourced database comprising potentially alternatively actual malevolent files. CFO World reported this on August 26, 2011.
And while the computer security firm has issued certain particulars of the hack, what Hirvonen has found immediately shows whatever it took for tricking the EMC worker into clicking on the dangerous attachment.
In reality, 2 separate phishing e-mails were dispatched over 2 days to the RSA employees of small batches, however, no one external to the firm or from its main organization EMC was aware of the entire matter within those messages. Nor was it evident whether they were put to scan under VirusTotal.
Nevertheless, according to CTO and Co-Founder Alex Stamos of iSEC Partners, the incident at RSA is all the time marked as one extremely advanced online assault, which is a highly awkward situation for the firm. He adds that it goes to prove that there's never dearth of somebody in a fairly big organization who acts somewhat stupidly. Security.nl published this in news on August 26, 2011.
Related article: RSA Attendees Responsible for Wireless Vulnerability
» SPAMfighter News - 06-09-2011