tag:blogger.com,1999:blog-6447283518071683105.post2012834020325973329..comments2023-04-02T10:17:04.631-04:00Comments on Forensic Incident Response: We just don't get ithogflyhttp://www.blogger.com/profile/00741773109962883616noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-6447283518071683105.post-39619267317715628442010-02-24T21:46:07.793-05:002010-02-24T21:46:07.793-05:00APT, I fight it every day, IN the US Government. ...APT, I fight it every day, IN the US Government. Which is completely owned/Pwnd. I do malware analsys / forensics and can agree much is simple malware. some elements are advanced. Compromise is constant. <br /><br />In my opinion US Gov will never get its act together until it is literally to late. CIO's with no authority, now power, no ability to control budgets, no power to fire/fine diocydehttp://diocyde.wordpress.comnoreply@blogger.comtag:blogger.com,1999:blog-6447283518071683105.post-21941927742685807002010-02-07T14:24:38.025-05:002010-02-07T14:24:38.025-05:00@Harlan
Great comments as always. I do not belie...@Harlan<br /><br />Great comments as always. I do not believe you to be a critic either. I honestly have to wonder if we are all a little too focused on what to call this or the title being used to identify these attacks and the attackers. It's not anyone's fault that there is focus on this so I have to ask you, in your opinion, what is 'Advanced'? Keeping in mind that not allhogflyhttps://www.blogger.com/profile/00741773109962883616noreply@blogger.comtag:blogger.com,1999:blog-6447283518071683105.post-64720138496690018572010-02-07T13:05:05.905-05:002010-02-07T13:05:05.905-05:00@Alex
Great comments. I think it's inevitable...@Alex<br />Great comments. I think it's inevitable that APT attacks will become a marketing buzzword. It already has. The Mandiant Report did a lot of that whether or not it was intentional.<br /><br />Is there a shift in targets? I would like to think the answer is both yes and no. There are targets that have always been targets for these kinds of attacks. There are new targets howeverhogflyhttps://www.blogger.com/profile/00741773109962883616noreply@blogger.comtag:blogger.com,1999:blog-6447283518071683105.post-45889286178378701102010-02-07T08:08:48.797-05:002010-02-07T08:08:48.797-05:00This "APT" discussion is becoming way to...This "APT" discussion is becoming way too polarized. I'm not a critic...I'm an observer who's trying to understand. I've been looking at what's said, and based on my own experience, I'm not seeing the "A" so much, and I've been seeing the "P" for quite a while already, so that's not new to me.<br /><br />Part of the polarization is H. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.comtag:blogger.com,1999:blog-6447283518071683105.post-82998372944747461792010-02-06T14:10:18.279-05:002010-02-06T14:10:18.279-05:00It actually matters very much.
1.) If the APT ...It actually matters very much. <br /><br />1.) If the APT is a new marketing term only to describe what the advanced nation-state threat is or does, then APT based marketing; Saying that "the APT is *everyone's* problem" is bullshit. Bullshit that will keep real people from defending from the threats they currently face (the vast majority of which are not the Chinese).<br /><br /Alexhttp://www.newschoolsecurity.comnoreply@blogger.com