Most attackers are not skilled enough to rewrite an exploit, so that they will fly under the radar. You have to defend against the 99%, not the 1%. Chances are high, that you won't notice the 1% anyway. Don't sink your money into the 1% before the 99%.
-
-
-
Most attackers are as lazy as most defenders I'd say. It's a spiral of escalating laziness ;-)
- Još 1 odgovor
Novi razgovor -
-
-
Truth is, 98% of attackers use your tools exactly as you've dropped them....until the top 5 AVs detect them...and then attackers modify with lazyness untill it bypasses the top 5...infinite loop...until the tool becomes obsolete/irrelevant.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
China has no time for modifying tools, China needs to rar that shit and exfil.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
That's very true. But at the same time I think it's worth asking if you're covered for an attack when the evasion of a rule comes down to shuffling command line args.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Oddly enough, the same is true for the blue side. Most defenders I've seen will download a tool, and if they use it, will use it only in the most obvious manner, without ever adapting or modifying it, nor RTFM.
- Još 2 druga odgovora
Novi razgovor -
-
-
Good news for defenders.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Drop a tool, drop a detection.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.