[Dailydave] Failing at Segue
Dave Aitel
dave at immunityinc.com
Tue Dec 10 15:24:17 EST 2013
People are strange. For example, they often say "You have to assume you
are compromised!" and then in the very next breath they are buying more
perimeter equipment like Fireeye and WAF and whatnot. Likewise, people
measuring "click-rates" on how many people clicked a phishing email, but
a lot of the best client-side attacks are after hackers penetrate into
your network. You don't see that much of it in the public eye because a)
it's much harder to see, and b) it doesn't sell perimeter protection
devices and security awareness training, but this was the attack Flame
did to great success. One area Immunity does this a lot with is in
Wireless penetration tests since SILICA has it built in, and it's a lot
easier to target workers in Starbucks than anywhere else.
One of the rules of hacking without getting caught is quite obviously
"Get close to your target" - if for no other reason than to avoid the
global surveillance nets on the major fiber lines.
I have no good segue today but regardless, this talk from last year's
INFILTRATE is pretty awesome and everyone should buy their tickets and
submit their talks now:
http://infiltratecon.com/heap.html
-dave
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20131210/8346a8e0/attachment.sig>
More information about the Dailydave
mailing list