If a USG entity buys an exploit from VUPEN, it's to write an Einstein sig for it.
-
-
Replying to @dguido
@msolnik@ncardozo@daveaitel I disagree. You get in with the most public thing you can get in with.2 replies 0 retweets 5 likes -
Replying to @0xcharlie @msolnik and
IMHO VUPEN bugs aren't disclosed widely enough for non-attrib benefits. exploit-db, MSF, yes.
1 reply 0 retweets 3 likes -
if you can pay 100k for an exploit that gets you on a target and doesn't expose your vulns, why not?
2 replies 0 retweets 2 likes -
Replying to @0xcharlie @msolnik and
As an IR analyst, would love that signal. Informs severity of incident, assists in attribution.
3 replies 0 retweets 4 likes
Replying to @dguido @0xcharlie and
If someone uses code from exploit-db or MSF, tells me nothing. Only that attacker knows copy-paste.
9:44 AM - 13 Aug 2016
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.