After Black Hat, DefCon, and the recent McAfee report, you are probably tired of all of the hype around APTs. I agree that the industry has co-opted and obfuscated but these “low-and-slow” attacks are something we need to understand and address before more of our private information and intellectual property flies out the IP-connected door.
One of the characteristics of APTs is some type of social engineering tactic where the bad guys somehow con an internal user to download a malicious executable. This creates an internal outpost where hackers can steal credentials, scan the network, and ultimately steal valuable data.
via Networking Nuggets and Security Snippets: Remote Workers: An Easy Target for APTs.
Leave a Reply