Secure Coding mailing list archives
Re: informIT: Modern Malware
From: Gary McGraw <gem () cigital com>
Date: Sat, 26 Mar 2011 12:34:03 -0400
Agreed. Now all you need to do is convince the people who need to solve the problem that you have a pointer for them to use without a label?? The market (probably because of the marketing types) is discussing and wanting solutions for "the APT problem." To see how embedded this language is in the current discourse, look no further than the RSA SecureID problem "explanation" that is being proffered in lieu of a real technical explanation of what happened. Welcome to commercial security. gem On 3/26/11 9:52 AM, "Haroon Meer" <haroon () thinkst com> wrote:
Heya Gary (all) On Sat, Mar 26, 2011 at 3:32 PM, Gary McGraw <gem () cigital com> wrote:I agree that the APT term is overused by the marketing types. In this case you can translate it as malware that infects a server or an ad network and is "served up" to unwitting victims in a drive by download.>Malware distributors look for good distribution channels, and the ad-server provides one. While it is a Threat, it's no more Advanced than we have seen before. It isn't more "Persistant" than Stoned [1] was on a disk.What would you call it haroon?In truth, i would avoid giving it a new name. Drive by download: Yes. APT: No /mh [1] http://en.wikipedia.org/wiki/Stoned_(computer_virus) -- Haroon Meer | Thinkst Applied Research http://thinkst.com/pgp/haroon.txt Tel: +27 83 786 6637
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- informIT: Modern Malware Gary McGraw (Mar 22)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Gary McGraw (Mar 23)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Haroon Meer (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 26)
- Re: informIT: Modern Malware Haroon Meer (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 26)
- Re: informIT: Modern Malware Gunnar Peterson (Mar 26)
- Re: informIT: Modern Malware John Wilander (Mar 26)
- Re: informIT: Modern Malware Kevin W. Wall (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 27)
- Re: informIT: Modern Malware Gary McGraw (Mar 23)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Arian J. Evans (Mar 26)
- Re: informIT: Modern Malware AK (Mar 26)
- <Possible follow-ups>
- Re: informIT: Modern Malware Rafal Los (Mar 27)