By Gregg Keizer April 3, 2011 07:45 AM ET
Computerworld - Last month's hack of RSA Security began with an exploit of a then-unpatched vulnerability in Adobe Flash Player, the company confirmed Friday.
According to RSA, attackers gained access to its network by sending two small groups of employees e-mails with attached Excel spreadsheets. One of those employees opened the attachment, which was titled "2011 Recruitment plan.xls."
Last week's description of the Flash attack vector helps explain the reaction of Adobe and others to the flaw, and shows that RSA was hacked at least several days before the company went public.
RSA first reported the attack and the data theft late on Thursday, March 17.
Three days before that, however, Adobe had issued a security advisoryacknowledging that attackers were exploiting an unpatched bug in Flash Player using tricked-out Excel documents.
For full article, see:
|< Prev||Next >|