Blog

Besides the list below, VSEC also has many other articles in Vietnamese for Vietnamese bloggers to explore.

In January 2017, the Vietnamese Prime Minister approved a non-cash payment project for the 2016-2020 period, paving the way for the development of online transactions. Nowadays, information technology is widely used in all sectors of the economy. In particular, information security in online transactions plays an important role. The proportion of online transactions is increasing, as shown by e-commerce sales reaching over $4 billion and a growth rate of 37% in 2015 (according to an e-commerce report by the Ministry of Industry...

Abstract: Malware, designed by humans, often resides on servers to steal information and destroy computer systems. This analysis aims to find out, in the case of one company (its real name is not disclosed), how the malware infected the server, and to assess the malware’s relationship with external objects. We conclude that this malware was sophisticatedly designed by malware experts. There is also much evidence of international cooperation in this attack. For our...

In July, large service providers in Vietnam (names withheld for privacy reasons) were attacked, with serious consequences. At the time, we found a very new malware sample and selected it for analysis, publishing this report to raise awareness in the community. We found another piece of malware stored in the directory C:\Windows\SysWOW64\WindowsPowerShell\v1.0\ under the suspicious name VNA.exe. Filename: VNA.exe; MD5: 8014C13AD413AAFB4B5C439209D5CC03; SHA1: 2DC2022F5D96F9470C20BCE814D266E48B312AA1. VNA.exe: The primary function of VNA is to initialize the environment and install the files into the system. Anti-debug, Anti-VM, Anti-AV: The malware...

It was a Friday last May. A client pulled me away from the air conditioner to meet him. His department had taken over the company’s website from another team. His company is a service provider and the website is a portal serving over 1 million customers nationwide. Through the portal, users can view their spending. And he needs support from us to test the security of the portal: finding the security weaknesses, showing off the data leakage if...

Analyzing dropper: A fake email carried an attached document containing code to exploit vulnerable software (MIME-version: 1.0). This document used CVE-2012-0158 to install malware onto a computer. Figure 1. A document in the email was encoded with base64. The shellcode decoded itself and saved the “xpsfiltsvcs.tmp” file in the %TEMP% folder. Then it added the value “rundll32.exe %TEMP%\xpsfiltsvcs.tmp,XpsRegisterServer” under the “Software\Microsoft\Windows\CurrentVersion\Run\” registry key to execute the malware when the computer started. Figure 2. The shellcode decoded itself using the XOR algorithm. Analyzing payload: A payload was...

In the previous article, we talked about how to get data from a bank account number in a mobile banking application. In this article, we talk about how we helped them fix this serious security flaw. Indirect Reference Map: An indirect reference map is a substitution of the internal reference with an alternate ID. It is used for mapping from a set of internal direct object references (i.e. database keys, filenames, etc.) to a set of indirect references that can be safely exposed externally....

The retail banking industry has been booming in Vietnam in recent years. Many banks invest in retail business by improving customer service. Mobile banking is one of the hot topics; every bank already has, or will soon have, mobile banking and mobile apps for its customers to use. The winter season is nebulous in Vietnam and the repetitive company work makes me so bored. I need some fresh air. Luckily, a commercial bank contacted us to help them identify the security risks on...