|
Dailydave
mailing list archives
Re: Hacker opsec case study
From: "Dominique Brezinski" <dominique.brezinski () gmail com>
Date: Thu, 19 Apr 2007 09:59:27 -0700
I think Dave's point was related to how far they got once they had
their foot in the door on one workstation. I have a lot of experience
related to assessing the risks associated with workstation compromise
through client-side/data-driven exploits and first-hand experience
seeing how far a skilled adversary can get. Dave seems to be saying
this serves as a good case study to that affect, which I would agree
with.
Dom
On 4/19/07, Pete Herzog <lists () isecom org> wrote:
I think this says more about the poor defensive technique of "patching" and
reliance upon it than about the 0day itself.
-pete.
Dave Aitel wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://news.yahoo.com/s/ap/20070419/ap_on_hi_te/hackers_state_department
This is a great article from the perspective of "How long in the State
dept. does one Word 0day buy you."
It's like a hacker opsec case study.
- -dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGJwA5tehAhL0gheoRAvbmAJ9YSgtu9fBKuJqoCkbrBWSeEbtIngCdEn/R
YL/rw3zpGJS5FCY3h2/zW4A=
=ydkC
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
| 
Intro
