Dailydave mailing list archives
Re: Hacker opsec case study
From: "Dominique Brezinski" <dominique.brezinski () gmail com>
Date: Thu, 19 Apr 2007 09:59:27 -0700
I think Dave's point was related to how far they got once they had their foot in the door on one workstation. I have a lot of experience related to assessing the risks associated with workstation compromise through client-side/data-driven exploits and first-hand experience seeing how far a skilled adversary can get. Dave seems to be saying this serves as a good case study to that affect, which I would agree with. Dom On 4/19/07, Pete Herzog <lists () isecom org> wrote:
I think this says more about the poor defensive technique of "patching" and reliance upon it than about the 0day itself. -pete. Dave Aitel wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://news.yahoo.com/s/ap/20070419/ap_on_hi_te/hackers_state_department This is a great article from the perspective of "How long in the State dept. does one Word 0day buy you." It's like a hacker opsec case study. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGJwA5tehAhL0gheoRAvbmAJ9YSgtu9fBKuJqoCkbrBWSeEbtIngCdEn/R YL/rw3zpGJS5FCY3h2/zW4A= =ydkC -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Hacker opsec case study Dave Aitel (Apr 18)
- Re: Hacker opsec case study Pete Herzog (Apr 19)
- Re: Hacker opsec case study Dominique Brezinski (Apr 19)
- CFP it1tk1 '07 El Nahual (Apr 24)
- Re: Hacker opsec case study matthew wollenweber (Apr 19)
- Re: Hacker opsec case study Pete Herzog (Apr 19)