Re: Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps

[coderman]

On Thu, Oct 31, 2013 at 6:56 PM, coderman <coderman at gmail.com> wrote:
> ...
> those who find this incredible* need to remember that Flame/Duqu style
> attacks (they are just one instance of a family of systems and
> programs) have been accelerating and improving since the mid aughts.


full disclosure is coming for the activities at DC19 and DC20.

? a fully automated exploitation system with runbooks from trivial to
last month 0day?
 check.

? ssh 0day and pilfered certificate code signing?
 check.

? mobile baseband 0day and surreptitious infection?
 check.

?automated lateral infection cross platform, cross architecture, cross
$whatever?
 check.


some day in the near future we'll all get a look into the abyss.  some
will retreat into denial, crossing this off the threat model.  others
will rise to challenge; well played!  now for my counter move...