RSA Attack – More details

Sopho’s “Naked Security” blog posted a summary of the recent attack that targeted RSA. We learned that the hackers used a typical vector – 0-day vulnerability – coupled to some social engineering (people would open a file containing an exploit against the vulnerability) and a little bit of web server break in.

What we can learn from that is that, while it’s important to use up-do-date IPS devices, in the case of 0-days, behavioral analysis is the way to go. Of course, it’s required only to protect the most sensitive parts of the network, but this story illustrates what bad can happen if you don’t (not to say RSA didn’t detect the attack at all, because apparently they did).


About acastaner

I'm the EMEA Technical Lead for Application & Security at Spirent. I specialize in layer 4-7 technologies, Cloud, Programming and CyberSecurity.
This entry was posted in General and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s