I mean you do have a point where the attack originated on the end target. In other scenarios, losing persistence on a foothold you are pivoting from to a broad network compromise is an actual cost driver.
Sure, perhaps weekly maybe daily at a stretch, isn't being compromised that long bad enough? I know I wouldn't feel much better if you told me an attacker had kernel code exec, but only for a few days!
-
-
Depends on the attacker's objectives. If it's stealing your browser's current cookies then a few seconds is more than enough. But if objective is capturing conversations or waiting for corporate earnings numbers to become available then attacker needs to focus on long-term.
-
Right, this is an example of a minor change in approach - you recompromise after the phone is rebooted, or wait until you knew earnings are about to be released. Would you agree that lack of long term persistence does not prevent those two attacks?
- 26 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.