RSA Attack – More details

Sopho’s “Naked Security” blog posted a summary of the recent attack that targeted RSA. We learned that the hackers used a typical vector – 0-day vulnerability – coupled to some social engineering (people would open a file containing an exploit against the vulnerability) and a little bit of web server break in.

What we can learn from that is that, while it’s important to use up-do-date IPS devices, in the case of 0-days, behavioral analysis is the way to go. Of course, it’s required only to protect the most sensitive parts of the network, but this story illustrates what bad can happen if you don’t (not to say RSA didn’t detect the attack at all, because apparently they did).

Advertisements

About acastaner

I'm a Business Development Engineer at Spirent, specialized in Layer 4-7 testing, Virtualization and Automation.
This entry was posted in General and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s