Antivirus

Security community tools help intruders


To many ordinary home users and businesses, security software is nothing more than having antivirus protection and/or endpoint security software. However, for enterprises the situation is more complex.

I expect adversaries will continue to leverage publicly released tools, often developed by penetration testers and security researchers, to compromise and control targets worldwide. 

This trend, publicized most effectively by Mandiant’s Andrew Thompson, turns standard defensive thinking upside down. Unfortunately, it is difficult for those who work on the offensive side of the security team to recognize that this is the case.

The mantra for the past decade has been to “make intrusions more costly for the adversary.” One of the costs an intruder used to have to consider was the development of tools and techniques to compromise and control targets. 

However, today the majority of intruders operate publicly released tools to accomplish their goals. This means that intruders can radically decrease their research and development costs, as that burden has already been borne by penetration testers and security researchers.

About the author

Richard Bejtlich is principal security strategist at Corelight.

Public offensive tool releases

The argument in support of public offensive tool release usually offered by penetration testers and security researchers is that they are simply recreating capabilities already known and perhaps utilized by top tier intrusion groups. 

By releasing new capabilities, the argument goes, defenders learn what is possible and can develop mitigations that work against penetration testers and actual adversaries. 

Their scenario plays out in the following manner:

  • An enterprise deploys assets in


Feds bust two fake antivirus sellers for millions in fraud

If you frequent certain portions of the internet, you’ve almost certainly seen pop-ups warning you that your PC is infested with all manner of creepy-crawly viruses. The ad is fake, and so is the software that it asks you to pay for, according to a new Federal Trade Commission lawsuit against a pair of phony antivirus sellers…

Protect your computer from viruses for just $25

The 2024 edition of the ESET NOD32 Antivirus software features anti-phishing protection, malware blocking, and more…

Avast One review: Well-priced PC security with excellent protection

At a glance

Expert’s Rating

Pros

  • Clean, uncluttered interface
  • Excellent antivirus protection
  • Well-priced for its feature set

Cons

  • Full scans affect PC performance when using Microsoft Office apps
  • No included password manager

Our Verdict

Avast One expands upon the company’s free security suite, with upgraded defenses against online threats and additional features. You don’t get just excellent antivirus protection…

DeFi Exploits in February Cause Losses of $82 Million With Just $1.3 Million Recovered: Report

A report sent to Cryptonews by web3 app and antivirus solution De.Fi noted that $82,287,101 was lost in February 2024 from security incidents, with just $1,325,932 recovered.