The release of the APT1 report from Mandiant has been one of the major recent events in the security world.

I'm not going to review the report or to comment on it, even though the work that Mandiant did is really impressive and clearly demonstrates that governmental attacks are real. As I said in a previous post, cyber-espionage is on an increasing trend and what Mandiant released is just the tip of the iceberg.

But what is really interesting in this report is the…appendix! Mandiant did include an awful lot of details such as FQDN, SSL Certificates and…Indicators of Compromise (e.g. IOC)! Let's have a closer look at those IOCs.

Indicators of Compromise are forensic artifacts of an intrusion that can be identified on a host or network.

The current threat landscape is made of highly complex viruses and/or stealth intrusions, very difficult to prevent, identify, detect, etc. Also the IT environment is vast, heterogeneous, not always managed, making it even more difficult to ensure that a breach is contained quickly and in an effective manner.

So what do we need? An easy and standard way to describe a breach or to describe a malware and its behaviors.