How I Cracked a Keylogger and Ended Up in Someone's Inbox

It all started with a spam campaign. Figure 1 shows a campaign we
picked up recently from our spam traps with a suspicious document file.

The attachment uses the ".doc" file extension but is actually an RTF
(Rich Text Format) file. The file contains a specially crafted RTF
stack overflow exploit. This was determined to be CVE-2010-3333, which
exploits the Microsoft Word RTF parser's handling of the "pFragments"
shape property. This vulnerability was patched more than half a
decade ago.

After a short while, SMTP network activity was observed where the system
information of the infected system was sent to the attacker's email
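
A defender's triage for the disguised attachment described above, as an added example that is not from the original post: it classifies a file by its leading bytes rather than its extension and flags RTF content that names the "pFragments" shape property. The function name `triage`, the format table and the sample bytes are constructed for illustration.

```python
import os
import re

# Leading bytes of the container formats a Word attachment may really be.
MAGIC = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # legacy binary .doc
    (b"PK\x03\x04", "zip"),                          # OOXML .docx
    (b"{\\rt", "rtf"),  # short prefix, so a malformed "{\rtf1" header still matches
]
EXPECTED = {".doc": "ole2", ".docx": "zip", ".rtf": "rtf"}

# "pFragments" as a shape-property name ({\sn ...}), tolerating the CR/LF
# characters an RTF reader skips when they are placed between the letters.
PFRAGMENTS = re.compile(
    rb"\\sn[\s{}]*" + rb"[\r\n]*".join(bytes([c]) for c in b"pFragments"),
    re.IGNORECASE,
)

def triage(filename, data):
    """Return (detected_format, findings) for one attachment."""
    ext = os.path.splitext(filename)[1].lower()
    head = data.lstrip()[:8]
    actual = next((name for magic, name in MAGIC if head.startswith(magic)), "unknown")
    findings = []
    if ext in EXPECTED and actual != EXPECTED[ext]:
        findings.append(f"extension {ext} but content is {actual}")
    # pFragments is a legitimate property, so this is a reason to review
    # the file for CVE-2010-3333, not proof of an exploit.
    if actual == "rtf" and PFRAGMENTS.search(data):
        findings.append("pFragments shape property present")
    return actual, findings

# Constructed, inert samples (no exploit data): an RTF named ".doc" whose
# property name is split by CR/LF, a plain RTF, and an OLE2 header stub.
SAMPLE_DISGUISED = b"{\\rtf1{\\shp{\\*\\shpinst{\\sp{\\sn pF\r\nragments}{\\sv 0}}}}}"
SAMPLE_PLAIN = b"{\\rtf1\\ansi Hello}"
SAMPLE_OLE = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in [("invoice.doc", SAMPLE_DISGUISED),
                       ("notes.rtf", SAMPLE_PLAIN),
                       ("report.doc", SAMPLE_OLE)]:
        print(name, *triage(name, blob))
```
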

  • Monday, 01 Aug 2016
  • Author: Rodel Mendrez, SpiderLabs Blog (Trustwave)
