RSA hackers exploit Adobe flaw
RSA reveals how its servers were compromised after hackers used spear phishing, an Excel document and an Adobe Flash vulnerability.
Whilst RSA received praised for the speed at which it informed customers of the breach and offered remedial guidelines, not all were so impressed by the company's handling of the situation.
Avivah Litan, vice president and distinguished analyst at Gartner, noted how RSA did not use the methodology it sold to customers in house.
If it did, the security arm of EMC would have performed better in coping with the attack, Litan suggested.
"RSA sells its own fraud detection systems based on user and account profiling ... to spot abnormal behavior and intervene in real time to re-authenticate users and verify the authenticity of suspect access, behaviour, or transactions," she said in a blog post.
"They should have applied these techniques to their own internal systems. They need to stay innovative and apply the lessons learned from serving their clients to their own internal enterprise systems."
-
OpenAI expands 'Daybreak' cyber program: New tools, partnerships, and a cyber-focused GPT-5.5 aim to help 'patch the world'News The company has added new tools, signed up partners, and released its GPT-5.5-Cyber model more widely
-
AI is shrinking attack windows, and it’s forcing a complete rethink of cyber resilience – here’s how organizations can prepareNews Commvault has urged companies to improve their business continuity and resilience plans in the face of flaws spotted by AI
-
Anthropic targets vulnerability detection gains with Claude Security public beta — here's what users can expectNews The Claude Mythos developer is aiming for a more limited approach to cyber tooling for public consumption
-
Researchers warn millions of RDP and VNC servers are wide open to exploitationNews Researchers at Forescout spotted millions of RDP and VNC servers exposed online
-
Brace yourselves for a vulnerability explosion, Forescout warnsNews AI advances are helping identify software flaws at record pace and scale, but that's not the good news some would think
-
The key risks security teams face in 2026From AI-related flaws to supply chain risks, cyber professionals now contend with overlapping challenges
-
Observability will be key to agentic AI safety, says Microsoft Security execNews Agentic AI adoption will require a re-evaluation of enterprise risk management, according to Microsoft corporate VP
-
Enterprises need to think of agents as ‘digital co-workers’ – and that means implementing the same security safeguardsNews Practices such as zero trust and least privilege will be needed as agents gain access to sensitive enterprise data
