Re: [SC-L] informIT: Modern Malware

2011-03-26 Thread Haroon Meer 
Heya Gary (all)

On Sat, Mar 26, 2011 at 3:32 PM, Gary McGraw g...@cigital.com wrote:
 I agree that the APT term is overused by the marketing types.  In this
 case you can translate it as malware that infects a server or an ad
 network and is served up to unwitting victims in a drive by download.

Malware distributors look for good distribution channels, and the
ad-server provides one.
While it is a Threat, it's no more Advanced than we have seen before.
It isn't more Persistant than Stoned [1] was on a disk.

 What would you call it haroon?

In truth, i would avoid giving it a new name.
Drive by download: Yes. APT: No

/mh

[1] http://en.wikipedia.org/wiki/Stoned_(computer_virus)

-- 
Haroon Meer | Thinkst Applied Research
http://thinkst.com/pgp/haroon.txt
Tel: +27 83 786 6637

___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___

Re: [SC-L] More on Cyber War

2010-06-23 Thread Haroon Meer 
Hi..

On Mon, Jun 21, 2010 at 12:53 PM, Benjamin Tomhave
tomh...@secureconsulting.net wrote:
 I love how Howard Schmidt's voice seems to have been lost in the fray,
 since his comments came way back in March at RSA.
 http://www.wired.com/threatlevel/2010/03/schmidt-cyberwar/

Would have considered it slightly off-list-topic, but the current
thread seems to allow it in :

My slides from the 2010 Conference on Cyber Conflict are now online at
[http://blog.thinkst.com/2010/06/conference-on-cyber-conflict-slides.html]

Comments / Flames / Feedback is always welcome..

/mh

-- 
Haroon Meer http://thinkst.com/
Tel: +27 83 786 6637PGP: http://thinkst.com/pgp/haroon.txt
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___