AV/EDR challenge
<blockquote data-quote="bazang" data-source="post: 1113915" data-attributes="member: 114717"><p>SUA compromise almost always involves a threat agent targeting a business or organization.</p><p></p><p>UAC can be bypassed on SUA; SUA and UAC are just a speed bump along the threat agent's path to persistence and lateral/vertical pivoting, and ultimate pwn.</p><p></p><p>Combined/integrated with/packaged with the right exploit or chain of exploits, it could be 100% hidden, virtually undetectable remote code execution and nobody would be the wiser. While you were blissfully using your SpyNetGirl protected SUA, the enemy is within your system and hard at work stealing data, performing reconnaissance, inventorying what is on the network, and exploring pivots.</p><p></p><p>This is the stuff that 5 million and 10 million Euro exploits are made of. Typically, it is nations that are interested and willing to pay for this class of exploits. However, lately, the drug cartels and terrorist organizations have been actively marketing that they are buying and willing to pay. Just think - drug cartels have more money than some countries' total national operating budgets.</p><p></p><p>It is a waste of time to think or worry about this sort of stuff unless you are a political or ideological dissident and you are targeted by nation-state threat agents. If you are a political or ideological dissident, then my advice is "Don't do that." Best way to not become a target.</p></blockquote><p></p>