[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Email based attack on University

On 10/2/19, Curt <curty@free.fr> wrote:
> On 2019-10-02, Torben Schou Jensen <tsj@swampthing.dk> wrote:
>> Interesting story.
>>
>> I am missing technical details.
>> I do not understand how preview of e-mail can result in hackers stealing
>> userid and password, what kind of mail program was used?
>>
>
> Yeah, it's better to go directly to the publicly available incident report:
>
> https://imagedepot.anu.edu.au/scapa/Website/SCAPA190209_Public_report_web_2.pdf
>

Thanks for the link!

> But the email program used by Client 0 is unspecified.

As is the operating system - or did I miss that?

Lee

> The original spearphishing email (which is assumed to have contained
> some sort of self-executable code) was deleted (too late!) and proved
> unrecoverable.
>
> Subsequent spearphishing emails, however, used Word attachments as a
> vector (Appendix A, B, and C of the report). I also note a zip file
> attachment in the Appendix.
>
> --
> "There are no foreign lands. It is the traveler only who is foreign."
> -- Robert Louis Stevenson
>
>
Reply to: