Blacklisting known or recently identified command-and-control domains can go a long way to help catch an APT-born attack. “The biggest concern is that 1 percent that’s extremely targeted that you’re not going to detect,” analyst says. T-Mobile CISO Bill Boni says security professionals have to be realistic about the threat. Never underestimate the APT attacker: It’s typically a well-funded, nation-state group hell-bent on getting as much information as it can.”]
Source: https://www.darkreading.com/attacks-breaches/to-catch-an-apt