Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Aug 26, 2011
In this video you can see us opening the very email that was used to break into RSA / EMC in March 2011. The email is opened to Outlook and the attachment is launched. The attachment is an XLS file which has no content except an embedded flash object. The object shows up as a [X] symbol in the spreadsheet. Flash is executed by Excel and it uses the CVE-2011-0609 vulnerability to execute code and to drop a Poison Ivy backdoor to the system. After this, the exploit code closes Excel and the infection is over. After this, the attacker has full remote access to the infected workstation and full access to network drives that the user can access. Video done by F-Secure Labs