New details have emerged about the now famous RSA APT incident. As posted on their Security Blog and as mentioned on the SANS Internet Storm Center, it was disclosed that the incident started by phishing emails that contained a malicious attachment. This allowed the attacker to establish a foothold inside the organization.
What about your organization. How can you remain diligent given the details released from this attack?
1 – Use existing management tools to make sure all third party software stays up to date.
2 – Educate your users about the risks inherited by the information they post to social networking websites.
3 – Remind your users to not opening suspicious email and attachments.
4 – Continue to monitor the network for new or abnormal traffic flows.
6 – Intentionally invite your users to let you know if something seems strange. Anything at all.