Hacker News new | past | comments | ask | show | jobs | submit login

I understand how an IOC works. If they make them public then they are available to exploit developers, who can change their implants to erase them.



Security cats and mice are in constant motion.

Static artifacts (exploits, patches, IOCs, C&C servers) still have value.

New cats/mice with old devices can learn from years of historical public artifacts.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: