What do you mean by retool in this case? Find a new method to achieve persistence or change approach to not assume persistence?
Right, this is an example of a minor change in approach - you recompromise after the phone is rebooted, or wait until you knew earnings are about to be released. Would you agree that lack of long term persistence does not prevent those two attacks?
-
-
If attacker can recompromise at will without detection or prevention then persistence doesn't really matter anymore. But if attacker only gets a single chance to compromise victim and objective data is not yet on victim's device then persistence does matter.
-
In your opinion, is that a common issue? Attackers only having a single chance to compromise, and only want data that doesn't exist yet, and won't exist before the next normal reboot (let's say, a month for patch Tuesday) - and no other way to leverage a full compromise?
- 24 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.