Few things sent shockwaves to all corners of the security community like news in March that RSA’s popular SecurID two-factor authentication tokens had been rendered all but useless by a small but cleverly targeted phishing campaign that included a payload of a malicious Flash object embedded in an Excel file. Once inside RSA’s networks, the hackers feasted on SecurID user data from corporate customers and other organizations that used the tokens to grant access to corporate networks, e-mail and other sensitive assets. Despite assurances that SecurID’s effectiveness had only been marginally compromised, RSA was forced to recall 40 million of the tokens in June.
What About Fob?
Few things sent shockwaves to all corners of the security community like news in March that RSA’s popular SecurID two-factor authentication tokens had been rendered all but useless by a small but cleverly targeted phishing campaign that included a payload of a malicious Flash object embedded in an Excel file.
