Recently, Tenable's Research team created Nessus checks and log searches to look for indicators specified in the Mandiant APT1 report. Our response was not unlike a typical Microsoft Tuesday afternoon where our team writes active, credentialed, and passive checks for missing patches. There are a lot of other indicator sources and, following the press surrounding the APT1 report, there will undoubtedly be more disclosures. When this steady stream of indicator disclosures starts, there will likely be an outcry from IT security professionals everywhere to align these releases to a certain day of the week for the same reasons we have Microsoft Tuesday.
↧