Persistence as a security boundary should be a goal of all modern operating systems. When breaking down costs/time spent during redteam ops, gaining persistence on integrity protect partitions is a top cost driver for attackershttps://twitter.com/lorenzofb/status/1229798896051904512 …
Um.... Isn't presuming how long an attacker requires *exactly* what you're doing? I'm saying, that they achieved full compromise, why do you presume that isn't sufficient?
-
-
Because the discussion was about persistence already. I'm not introducing the concept, you're trying to close the door on that part of the convo. Since we can't know if it's relevant, both positions are equally wrong :p
-
Monitoring journalists is a pretty obvious use case here. If it's a obvious chain, like send message -> open file it's probably not something you'd want to do more than once.
- 1 more reply
New conversation -
-
-
"Trusted" systems with hardened boot loaders are to Microsoft what that pale cetacean was to Mr Ahab.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
