Detection and Response about APT&Co.


LabZero

Thread author
Hello everyone.

When we talk about cyber attacks, APTs and advanced attacks, there is quite often confusion because, for antivirus manufacturers, the main goal seems to be to neutralize malware, no matter how advanced.

But behind such an attack there are humans, not bits.

Therefore, the goal should be to focus on attackers and NOT malware! It's only a tool that, although neutralized, is quickly replaced by another.

Because there is a strategy of attack.

The attitude of many security departments toward a compromise continues to be:
  • Alarm about an infected machine.
  • Identify the infected machine.
  • Attempt to disinfect the machine.
But ... it is possible that the malware is still on your PC ... waiting for the moment to infect the machine again and simultaneously stealing personal data.

This is a scenario that may occur.

Well, in my opinion it's necessary to reflect on the need to focus on the context, not the malware; on the attack strategy and not on the tools used (malware).

Only in this way does it become possible to understand what is happening and to plan a response.
Planning that considers the incident analysis, understanding of tactics and action to neutralize the entire attack by preventing data theft.

In two words: detection and response.
 

jamescv7

Prevention: that's the number one concept of all, since you will prohibit any type of attack with as little hassle as possible, rather than cure.

Numerous seminars are held all around the world to encourage awareness regarding attacks. Honeypots are part of the table of contents normally tackled by speakers, so you can formulate more types of protection against possible multiple attacks.
 