Secure Coding mailing list archives
Re: informIT: Modern Malware
From: John Wilander <john.wilander () owasp org>
Date: Sat, 26 Mar 2011 19:38:15 +0100
A positive side effect of many vendors being US-based is that the US market takes most of the buzzword marketing hit. :) On a more serious note, I think there really are APTs out there, state-driven and all. The problem is when organizations use the term to get away with sub-standard security or to motivate why they can't tell you any details of a recent hack. We need to define what is required for a threat/an attack to be APT. State-driven and funded? 0-day(s) used? Tailor-made exploit for the target? That way we can at least interpret what RSA and others are saying. Right now I can only interpret their statements as "We got owned but we'll loose too much business if we tell you what happened. Just trust us instead." And I really hope that's not the truth. Continued Business by Obscurity Regards, John Sent from my iPad On 26 mar 2011, at 18:12, Gunnar Peterson <gunnar () arctecgroup net> wrote:
Advanced = goes through firewall Persistent = tried more than once Threat = people trying to get into valuable stuff Nothing new to sc-l readers, but a Reasonably good marketing term esp by infosec standards (yay we get to scare business people with something other than an auditor's clipboard!); really its all just the collective sound of infrastructure security people coming to grips with the fact that their firewall isn't a wall at all, but rather a series of holes. -gunnar _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- informIT: Modern Malware Gary McGraw (Mar 22)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Gary McGraw (Mar 23)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Haroon Meer (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 26)
- Re: informIT: Modern Malware Haroon Meer (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 26)
- Re: informIT: Modern Malware Gunnar Peterson (Mar 26)
- Re: informIT: Modern Malware John Wilander (Mar 26)
- Re: informIT: Modern Malware Kevin W. Wall (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 27)
- Re: informIT: Modern Malware Gary McGraw (Mar 23)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Arian J. Evans (Mar 26)
- Re: informIT: Modern Malware AK (Mar 26)
- <Possible follow-ups>
- Re: informIT: Modern Malware Rafal Los (Mar 27)