Tag: APT

  • APT Naming Woes Redux (Bonus ‘DOJ’ Oops!)

    APT Naming Woes Redux (Bonus ‘DOJ’ Oops!)

    One aspect of vulnerability intelligence is also doing a best-faith effort to track the threat actors that are using the vulnerabilities. While that information often isn’t published, when it is we should include it. For example, less than 1% of data breaches publish the vulnerability associated with the initial compromise, and that is often the…

  • RSA Hack Thoughts

    RSA Hack Thoughts

    I read the article “The Full Story of the Stunning RSA Hack Can Finally Be Told” by Andy Greenberg in Wired and several things stood out to me. So this is my commentary on the article and events that are covered. “It opened my eyes to supply chain attacks.” says Mikko Hypponen, chief research officer…

  • Rebuttal: Northrop Grumman, Cyber-gangs, APT and 0-day [Messmer]

    [This was originally published on attrition.org. This is a rebuttal piece to “Northrop Grumman constantly under attack by cyber-gangs” (June 21, 2011) by Ellen Messmer (@EllenMessmer), Senior Editor at Network World. Warning: Due to Northrop Grumman, Timothy McKnight and Ellen Messmer’s use of inflammatory words like “Advanced Persistent Threat” and the mis-use of “zero day”, the witnesses will be…