Dailydave mailing list archives
Failing at Segue
From: Dave Aitel <dave () immunityinc com>
Date: Tue, 10 Dec 2013 15:24:17 -0500
People are strange. For example, they often say "You have to assume you are compromised!" and then in the very next breath they are buying more perimeter equipment like Fireeye and WAF and whatnot. Likewise, people measuring "click-rates" on how many people clicked a phishing email, but a lot of the best client-side attacks are after hackers penetrate into your network. You don't see that much of it in the public eye because a) it's much harder to see, and b) it doesn't sell perimeter protection devices and security awareness training, but this was the attack Flame did to great success. One area Immunity does this a lot with is in Wireless penetration tests since SILICA has it built in, and it's a lot easier to target workers in Starbucks than anywhere else. One of the rules of hacking without getting caught is quite obviously "Get close to your target" - if for no other reason than to avoid the global surveillance nets on the major fiber lines. I have no good segue today but regardless, this talk from last year's INFILTRATE is pretty awesome and everyone should buy their tickets and submit their talks now: http://infiltratecon.com/heap.html -dave
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Failing at Segue Dave Aitel (Dec 10)
- Re: Failing at Segue Dave Dittrich (Dec 11)
- Re: Failing at Segue Anton Chuvakin (Dec 12)
- Re: Failing at Segue Dave Dittrich (Dec 11)