On Thu, Oct 31, 2013 at 6:56 PM, coderman <coderman@gmail.com> wrote:
... those who find this incredible* need to remember that Flame/Duqu style attacks (they are just one instance of a family of systems and programs) have been accelerating and improving since the mid aughts.
full disclosure is coming for the activities at DC19 and DC20.

- a fully automated exploitation system with runbooks from trivial to last month 0day? check.
- ssh 0day and pilfered certificate code signing? check.
- mobile baseband 0day and surreptitious infection? check.
- automated lateral infection cross platform, cross architecture, cross $whatever? check.

some day in the near future we'll all get a look into the abyss. some will retreat into denial, crossing this off the threat model. others will rise to challenge; well played! now for my counter move...