F-Secure found the file that was used to hack RSA and compromise the SecureID system. Kim Zetter of Wired News has more here.
This week Finnish security company F-Secure discovered that the file had been under their noses all along. Someone — the company assumes it was an employee of RSA or its parent firm, EMC — had uploaded the malware to an online virus scanning site back on March 19, a little over two weeks after RSA is believed to have been breached on March 3. The online scanner, VirusTotal, shares malware samples it receives with security vendors and malware researchers.
RSA had already revealed that it had been breached after attackers sent two different targeted phishing e-mails to four workers at its parent company EMC. The e-mails contained a malicious attachment that was identified in the subject line as “2011 Recruitment plan.xls.”
None of the recipients were people who would normally be considered high-profile or high-value targets, such as an executive or an IT administrator with special network privileges. But that didn’t matter. When one of the four recipients clicked on the attachment, the attachment used a zero-day exploit targeting a vulnerability in Adobe Flash to drop another malicious file — a backdoor — onto the recipient’s desktop computer. This gave the attackers a foothold to burrow farther into the network and gain the access they needed.
The Cobham catalog, exposed by The Intercept, features countless pages of surveillance gadgets sold to U.S. police to spy on American citizens: tiny black boxes with a big interest in you. In the creepily bland feature lists and nerdy product names is a whisper of a dark future; perhaps darker than anyone can imagine.
This image depicts the most commonly-found stylesheet colors on the web’s top sites—Paul Hebert did an amazing amount of analysis and this is just one of the intriguing visualizations he came up with. Most of these are obvious staples, especially HTML red and blue, though it’s interesting how far the blue “cluster” is from the […]
With the cacophony of an election year ablaze with unparalleled drama being fought on the front lines of Twitter, we find ourselves slowing down and staring at it like a bad accident. The need for escapist relief is perhaps more dire than usual right now. This fall, if it’s drama you crave, but the Hillary […]
Geek Fuel is a subscription delivery service that caters to those of us that love comics, gaming, and general geek culture. Every month, Geek Fuel will assemble a box of goodies with a value of $50 or over. The specific items are a mystery, but you’ll always get an exclusive t-shirt not found anywhere else, a full […]
If you like to DIY and you like helicopters, you’re going to really love the Flexbot Hexacopter Kit. This copter blows traditional models out of the water: it includes everything you need to actually build your own hexacopter, and then pilot it like a pro, too.The construction is complicated enough to give you a challenge, […]
This week’s top deals from the Boing Boing Store range from lobster to wine to desk organization. 1. Get Maine Lobster (50% Off)With these discounted packages from Get Maine Lobster, you can experience the sweet, fresh flavor of world-renowned Maine lobster right at your own dinner table. There are four options to choose from, each at […]