Did you read the thread, like at all? I get the feeling you read the first tweet and called it a day.
-
-
Replying to @MalwareTechBlog @fugueish
like, the entire thread discusses that exact point from that exact perspective. Coupled with the fact you tried to explain to me earlier that people reverse patches (that is literally what I do), i can only assume you did not read the thread.
1 reply 0 retweets 1 like -
Replying to @MalwareTechBlog @fugueish
You misunderstood, nobody is trying to techsplain bindiff to you, the point is that these services are commercially available. It's misleading to say this capability is out of the reach of attackers, because analysis and exploits are available as COTS products.
2 replies 0 retweets 9 likes -
Not saying it's out of the reach of ALL attackers, just most. Only the very top percentage of attackers (nation/state & APTs) are doing this kind of work. Large majority of attackers are only using public tools.
1 reply 0 retweets 5 likes -
Replying to @MalwareTechBlog @fugueish
Right, but it's only the large majority if you include opportunistic attacks - when assessing targeted attacks, we don't measure severity by number of affected users. If you group targeted and opportunistic attacks together, sure everything pails in comparison to trivial malware.
2 replies 0 retweets 6 likes -
That was kinda the purpose of my thread. I felt like the argument being made ignores the fact that while yes, the PoCs only save sophisticated attackers time, they also give capabilities to masses of opportunistic actors who would never otherwise posses them.
2 replies 0 retweets 1 like -
Replying to @MalwareTechBlog @fugueish
Nobody is ignoring that, we have to wrestle with balancing access to research. Many reasonable people (like me... I hope) conclude that the risk of opportunistic cryptominer campaigns is an acceptable trade-off to neuter targeted ethnic cleansing, espionage, etc operations.
2 replies 0 retweets 13 likes -
I saw plenty of tweets that were basically "posting exploits doesn't cause any harm, it only save attackers dev time", which the thread was in response to. It wasn't aimed at people who are actually aware of the drawbacks and made a conscious decision it for greater good.
1 reply 0 retweets 5 likes -
Replying to @MalwareTechBlog @fugueish
I don't know for sure, but I think it's just limitation of the medium... It's pretty clear to everyone that metasploit can be abused, but also benefits tens of thousands of professionals, for example. Hard to include lots of context in a tweet.
2 replies 0 retweets 4 likes -
I'd agree if the tweets were from seasoned researchers, but they were from outsiders making absolutely insane arguments like "only attackers capable of developing exploits can cause harm to businesses".
1 reply 0 retweets 6 likes
I guess there's always a few
I agree that is not a sane position.
-
-
I definitely struggle trying to tailor tweets to a wide audience without calling out individuals, or leading to confusion about who I mean. I am bad at twitter
0 replies 0 retweets 7 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.