On 10/2/19, Henning Follmann <hfollm...@itcfollmann.com> wrote:
> On Wed, Oct 02, 2019 at 10:40:34AM +0100, Jeremy Nicoll wrote:
>> On Wed, 2 Oct 2019, at 10:03, Keith Bainbridge wrote:
>>
>> > Details are at
>> >
>> > https://www.abc.net.au/news/2019-10-02/anu-cyber-hack-how-personal-information-got-out/11550578
>> > https://www.abc.net.au/news/2019-10-02/the-sophisticated-anu-hack-that-compromised-private-details/11566540
>>
>> It seems to me that everything follows from whatever access the initial
>> 'unclicked email' malware gave to the hackers.
>>
>> But how can malware jump from an email that's not "clicked", into some
>> part of the university's systems?
>
> Well, somebody is not telling the truth.

With so much left out of the public report, lying hardly seems necessary.
Take a look at https://portal.msrc.microsoft.com/en-us/security-guidance,
select severity: critical & remote code execution, security feature bypass
& information disclosure impacts. Which security patches seem applicable
here?

>> Unless... the email was being viewed via a webmail system running on a
>> server not owned by the university?

What if the email was being viewed via webmail using Windows Internet
Explorer?

Regards,
Lee