EMC’s RSA division has that it was compromised by a spear-phishing attack — aka spoof emails — that used a zero-day Adobe Flash vulnerability. The attacker sent two batches of emails with “2011 Recruitment Plan” as the subject line to two small groups of EMC employees with an Excel spreadsheet attached. The spreadsheet included an embedded Flash file that executed malicious code, enabling the attacker to gain full access to the PC and install software to more easily control it remotely. RSA still offered no details on the information the attacker stole.”]
Source: https://www.darkreading.com/attacks-breaches/rsa-details-securid-attack-mechanics