Full Disclosure mailing list archives
Re: Macro threats
From: Valdis.Kletnieks () vt edu
Date: Tue, 05 Jun 2007 13:37:00 -0400
On Tue, 05 Jun 2007 11:37:53 EDT, "Muscarella, Sebastian (IT)" said:
> Wanted to ask this forum's opinion on the state of macro threats. While we have not seen too many this past year which were actively exploited, we wanted to know if there are any indications on whether this threat would increase, decrease, become more sophisticated in the next year or two.
This is entirely dependent on how good a job the industry does in getting rid of even lower-hanging fruit. It's not going to go on a major burn as "big threat" as long as users keep on "ooh shiny!" clicking and similar easy ways to get your code run on the target.

Of course, this also depends at least somewhat on what your threat model looks like. What you're likely to see in targeted attacks specifically aimed at your organization will be vastly different from the "mass market" threats.

Also, beware of internal threats - things like subtly tweaked Excel files (consider things like "column 94 equals sum of columns 34, 38, 41, and 48, plus 0.25%" - what happens if some disgruntled employee changes that to 0.27%?) Or forged backstabbing memos/documents, etc etc.

I wouldn't worry about macro threats until you've got a handle on those issues....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/