in the DNC Hack



Malware Artifact Challenges

• Malware artifacts may also say something about the attacker
• These are easy to fake – we do it all the time at Rendition Infosec
• Black Hills Infosec used to provide a service to embed APT-related strings in existing binaries
• Ed Skoudis has been saying for years that connections to the Stuxnet code can’t really be trusted – too easy to false flag
• PowerShell is just text – too easy to copy “coding


(C) 2016 Rendition Infosec - Jake Williams
