.@paulg Attackers go with what works best, not wasting 0-days unless it's necessary. Phishing is very effective and cheap.
-
-
-
imagine burning a 0 day on p@ssw0rd
End of conversation
New conversation -
-
-
Did anyone else find it odd how easily smart people bought the conspiracy theory that Russia hacked US elections with no evidence?
-
I also found it odd that it wasn't a big deal for two months, then was.
-
Apparently conspiracy theories are like cult movies: appreciated long after the initial theater run.
End of conversation
New conversation -
-
-
probably much easier to phish
-
It also preserves cut-out deniability if you can do it without using proprietary GRU solutions.
End of conversation
New conversation -
-
-
You don't waste 0day on people who click things.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
no need to break out the big guns if a simpler tool works, right?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
not for a gmail account. but social engineering is easier than breaking encryption
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Better deniability via phishing? Use of a high value 0-day dramatically reduces set of plausible attackers.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
neither side would want it to be known if Russia had root access
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Why burn an 0-day if phishing will work?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Wasn't it his Gmail account?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
.
@paulg Why (1) limit the number of potential attackers by demonstrating sophistication? and (2) why waste a 0-day where phishing works?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Might have been easier to phish without risking a 0-day? I assume they tried several techniques, that one worked.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
why waste 0-day if simpler method works
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
without a phish how would they know the right machine to hack?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Hackers sent dimple phishing link to DNC. And 1/3 or them clicked it.
@bozhobgThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.