I published the following diary on isc.sans.org: “Whitelists: The Holy Grail of Attackers“.
As a defender, take the time to put yourself in the place of a bad guy for a few minutes. You’re writing some malicious code and you need to download payloads from the Internet or hide your code on a website. Once your malicious code spread in the wild, it will be quickly captured by honeypots, IDS, … (name your best tool) and analysed automatically of manually by the good guys… [Read more]
[The post [SANS ISC] Whitelists: The Holy Grail of Attackers has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2017/04/05/sans-isc-whitelists-holy-grail-attackers/