in the DNC Hack

munin

Potential-for-False-Flag-Operations-in-the-DNC-Hack-Jake-Williams

Malware Artifact Challenges

• Malware artifacts may also say something about

the attacker

• These are easy to fake – we do it all the time at

Rendition Infosec

• Black Hills Infosec used to provide a service to

embed APT related strings in existing binaries

• Ed Skoudis has been saying for years that

connections to the Stuxnet code can’t really be

trusted – too easy to false flag

• Powershell is just text – too easy to copy “coding

styles”

(C) 2016 Rendition Infosec - Jake Williams

More magazines by this user
Similar magazines