Secure Coding mailing list archives
Re: informIT: Modern Malware
From: Gary McGraw <gem () cigital com>
Date: Sun, 27 Mar 2011 11:09:46 -0400
The good old dancing pigs rear their oinking heads... http://en.wikipedia.org/wiki/Dancing_pigs http://securingjava.com/ gem On 3/26/11 2:04 PM, "Kevin W. Wall" <kevin.w.wall () gmail com> wrote:
On 03/26/2011 01:12 PM, Gunnar Peterson wrote:Advanced = goes through firewall Persistent = tried more than once Threat = people trying to get into valuable stuff Nothing new to sc-l readers, but a Reasonably good marketing term esp by infosec standards (yay we get to scare business people with something other than an auditor's clipboard!); really its all just the collective sound of infrastructure security people coming to grips with the fact that their firewall isn't a wall at all, but rather a series of holes.Uh..., doesn't *most* of malware go through firewalls now days? So how is that "advanced"? In reality, "advanced" a used with APT means that malware that was clever enough to evade our normal AV defenses and socially engineer its way past the common sense of those humans who wanted to see the "dancing pigs". In short, APT is spin-doctoring for getting caught with ones pants down. -kevin -- Kevin W. Wall "The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We cause accidents." -- Nathaniel Borenstein, co-creator of MIME _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Re: informIT: Modern Malware, (continued)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Gary McGraw (Mar 23)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Haroon Meer (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 26)
- Re: informIT: Modern Malware Haroon Meer (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 26)
- Re: informIT: Modern Malware Gunnar Peterson (Mar 26)
- Re: informIT: Modern Malware John Wilander (Mar 26)
- Re: informIT: Modern Malware Kevin W. Wall (Mar 26)
- Re: informIT: Modern Malware Gary McGraw (Mar 27)
- Re: informIT: Modern Malware Gary McGraw (Mar 23)
- Re: informIT: Modern Malware Andy Steingruebl (Mar 23)
- Re: informIT: Modern Malware Arian J. Evans (Mar 26)
- Re: informIT: Modern Malware AK (Mar 26)