RSA Security, maker of the SecurID two-factor authentication system used in many encryption systems and VPN/Remote Access products, was successfully attacked with an “Advanced Persistent Threat”. The APT involved a small number of e-mails specifically targeted at the individuals contacted (spear phishing), a bit of social engineering in the e-mail, and finally a malcode Excel spreadsheet attachment that exploits a 0-day Adobe Flash vulnerability, which Adobe has since patched.
The RSA CIRT team apparently caught it while ‘ongoing’. Read about it on the RSA blog. Surprisingly forthcoming about the ‘how they got in’, not so much about the ‘what was stolen’.