Mandiant Intelligence Center Report

Discussion in 'other security issues & news' started by EncryptedBytes, Feb 28, 2013.

Thread Status:
Not open for further replies.
  1. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    http://intelreport.mandiant.com/

    A very good read. At most those in defensive roles should check out the MD5 hashes ( In the appendix) of malware that APT1 has used as part of their attack methodology and scan your stuff. ;)

     
  2. BrandiCandi

    BrandiCandi Guest

    If anyone on this forum finds anything on their computer that they can attribute to APT1, I would love to know about it.

    I think all but the most negligent of AV vendors will add those hashes to their databases if they haven't already.

    But I agree, I found it a great read.
     
  3. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,416
    Those crafty Chinese :rolleyes: They seem like amateur's using crap exploits that idiot's actually click in their emails.
     
  4. BrandiCandi

    BrandiCandi Guest

    There's no need for a fancy exploit when a boring old crap one will do (why write your own exploit from scratch when your target is running Windows XP sp2? There are canned exploits guaranteed to work).

    The crafty part comes in with the delivery. Convincing your target to click the email takes thought and research. You have to create an email message that looks legitimate from a source your target recognizes, and the content needs to appear normal.
     
Loading...
Thread Status:
Not open for further replies.