[cryptome] Re: Regin: Top-tier espionage tool enables stealthy surveillance

  • From: coderman <coderman@xxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sun, 23 Nov 2014 18:56:15 -0800

On 11/23/14, Aftermath <aftermath.thegreat@xxxxxxxxx> wrote:
> Regin: Top-tier espionage tool enables stealthy surveillance
>
> http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
...

the interesting aspect they highlight is that everything past the
first loader is encrypted.

this is why a Volatility-style view of host memory is critical to
identifying and mitigating advanced threats.

some of the most advanced malware doesn't even "persist" in the usual
sense, instead leaving "triggers" on peripheral devices which can
"tip" to compromise on demand, even after replacing hard drives and
doing clean installs from the top...
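To make the point about in-memory inspection concrete, here is an added example that is not part of the thread or of any Volatility plugin: a sliding-window Shannon entropy scan over a constructed memory image, the kind of first-pass check an analyst runs to locate regions that look encrypted or packed (near 8 bits per byte) among ordinary code and data. The image layout (a repetitive plaintext loader, a pseudo-random blob standing in for an encrypted stage, a zero-padded config tail), the window size, and the 7.0 bits/byte threshold are all assumptions of this example.

```python
# Added example (not from the cryptome thread): flag high-entropy regions in a
# memory image. Everything below, including the sample image, is constructed.
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty input, at most 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def scan_regions(buf: bytes, window: int = 512, threshold: float = 7.0):
    """Return (offset, entropy) for every non-overlapping window at or above
    the threshold. Non-overlapping windows keep the scan O(n); a production
    scan would also align to page boundaries and walk the VAD/VMA list."""
    hits = []
    for off in range(0, len(buf) - window + 1, window):
        e = shannon_entropy(buf[off:off + window])
        if e >= threshold:
            hits.append((off, round(e, 2)))
    return hits


def merge_runs(hits, window: int):
    """Collapse adjacent high-entropy windows into [start, end) ranges so a
    1 KiB encrypted blob reports as one finding rather than two."""
    ranges = []
    for off, _ in hits:
        if ranges and ranges[-1][1] == off:
            ranges[-1][1] = off + window
        else:
            ranges.append([off, off + window])
    return [tuple(r) for r in ranges]


def build_sample_image() -> bytes:
    """Constructed 2560-byte image: 1024 bytes of repetitive plaintext loader,
    1024 bytes of seeded pseudo-random data (stand-in for an encrypted stage),
    then 512 bytes of zero-padded config text."""
    rng = random.Random(1)  # fixed seed so the example is deterministic
    loader = (b"\x90" * 24 + b"MZ loader stub, plaintext strings here. ") * 16
    blob = bytes(rng.getrandbits(8) for _ in range(1024))
    tail = (b"\x00" * 17 + b"config=default;") * 16
    return loader + blob + tail


def report(buf: bytes, window: int = 512, threshold: float = 7.0):
    """Human-readable summary of the merged high-entropy ranges."""
    hits = scan_regions(buf, window, threshold)
    return [f"0x{s:06x}-0x{e:06x}" for s, e in merge_runs(hits, window)]


if __name__ == "__main__":
    image = build_sample_image()
    for off, ent in scan_regions(image):
        print(f"window 0x{off:06x}: {ent:.2f} bits/byte")
    print("candidate encrypted/packed regions:", report(image))
```

The loader and config windows land well under 5 bits/byte while the blob windows sit above 7, so the merged report names a single range covering the blob. Entropy alone does not prove encryption (compressed resources and certificate blobs look the same), so a hit is a pointer to where to apply the next check, such as searching the region for an in-memory PE header or comparing it against the mapped file on disk.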
