
Re: Email based attack on University



Interesting story.

I am missing technical details.
I do not understand how a preview of an e-mail can result in hackers stealing
a userid and password. What kind of mail program was used?

It says
"The attack on ANU was possible because of the university's old computer
network"

I prefer to use Debian Stable on my server, and expect mail programs are
safe to use - Exim, Dovecot and SquirrelMail.
I am not aware of a security case on Debian where it is possible via
e-mail preview to get the password of a user.

/Torben


> On Wed, 2 Oct 2019, at 10:03, Keith Bainbridge wrote:
>
>> Details are at
>>
>> https://www.abc.net.au/news/2019-10-02/anu-cyber-hack-how-personal-information-got-out/11550578
>> https://www.abc.net.au/news/2019-10-02/the-sophisticated-anu-hack-that-compromised-private-details/11566540
>
> It seems to me that everything follows from whatever access the initial
> 'unclicked email' malware gave to the hackers.
>
> But how can malware jump from an email that's not "clicked", into some
> part of the university's systems?
>
> Unless... the email was being viewed via a webmail system running on a
> server not owned by the university?
>
> Then... is this just malware of the sort that any website could deliver to
> any visitor?
>
> Even if it was, one might expect the viewer to have been using a desktop
> PC of some sort, with - surely - whatever anti-malware software the
> university deems appropriate for their PCs?
>
> Or... do all their staff use a mish-mash of personal devices, and those
> don't have to have any anti-malware apps on them?
>
> --
> Jeremy Nicoll - my opinions are my own.
>
>


-- 
Torben Schou Jensen
Swamp Thing
Homepage: http://swampthing.dk/~tsj/
Skype: swampthing38


