> which doesn't require much in the way of bleeding edge technology
They did runtime level attacks and (then) novel exploits which SentinelOne co-published with Reuters, but they took the article down due to the same lawsuit Reuters faced.
Also do NOT underestimate spear phishing - the social engineering aspect is just a Trojan for the actual payload which is almost always malicious. Being able to transmit a malicious payload without being flagged by an email provider or an EDR takes a lot of technical effort.
Ah interesting. I don't know enough about those to know what hardware is required. But the bulk of the cases the article talks about are phishing.
Not saying they're not smart. The comment implied they have advanced tech or hardware that may have been embargoed, but the vector of attack is one which can be done without those.
They did runtime level attacks and (then) novel exploits which SentinelOne co-published with Reuters, but they took the article down due to the same lawsuit Reuters faced.
Here's the web archive of the original article - https://web.archive.org/web/20231117061038/https://www.senti...
Also do NOT underestimate spear phishing - the social engineering aspect is just a Trojan for the actual payload which is almost always malicious. Being able to transmit a malicious payload without being flagged by an email provider or an EDR takes a lot of technical effort.