Tag: apt
-
VB2017 paper: Modern reconnaissance phase on APT – protection layer
Targeted attack campaigns involve multiple stages, the first of which consists of collecting information about the target: the reconnaissance phase. It’s an essential part of any campaign and one that often exploits that well-known weakest link: the human user. At VB2017 in Madrid, Cisco Talos researchers Paul Rascagneres and Warren Mercer presented a paper…
-
Advanced and inept persistent threats to be discussed at VB2017
Only a few years ago, “APT” (advanced persistent threat) was a buzzword mostly heard being bandied around at security exhibitions to sell even more advanced technology to prevent, detect and remediate threats. And though people are right to point out that even the most powerful attackers use technology that is only as advanced as it…
-
VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks
Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn’t matter whether an attack was performed by a Bear, a Panda or an Eagle, and whether it was Cozy or Fancy. But security research doesn’t exist in a void, and in an era where the overlap with geopolitics…
-
VB2015 paper: Effectively testing APT defences
Simon Edwards discusses how to test the potentially untestable. Like the term or loathe it, APTs have given rise to a new generation of security products that protect against these more targeted and sometimes more advanced threats. Often, such products come with bold claims about how they are able to fend off such threats in…
-
VB2015 paper: The ethics and perils of APT research: an unexpected transition into intelligence brokerage
Juan Andrés Guerrero-Saade discusses the perils and ethical conundrums that arise as the industry enters a new playing field. Many security researchers have been part of the security community for long enough to remember the days when the typical adversary was a 17-year-old teenager operating from their bedroom. These days, however, some of the adversaries…
-
VB2015 preview: advanced persistent threats
Several conference papers to deal with targeted attacks. There was a time when analyses of malware and viruses at the Virus Bulletin conference used the number of infections as a measure of the harm done. And while there are still many talks on what is now referred to as ‘opportunistic malware’, targeted attacks, or APTs,…