March of the Titans

[Dave Aitel <dave () immunityinc com>]

Watch the SILICA video here, including the hilarious entry noise that
Nico did somehow: https://vimeo.com/115337910

SILICA has another new feature that Alex didn't mention on the video,
which is that it can replace binaries being downloaded to become CANVAS
callbacks, and get access to Windows, Linux or OS X machines that way. 
Now of course everyone on this list is like "WHO WOULD DOWNLOAD A BINARY
OVER WIRELESS AND RUN IT?!?" but the answer is "Every Windows user has
to do this about 5 times a day to do anything on their computer",  so
all of them - sadly.

Likewise, the new CANVAS release this week has a version of the
"sandworm" exploit that works on 8.1 and is an all-in-one OLE package,
which the original one wasn't for some reason. So while the original one
could not be used to worm, the CANVAS one COULD in theory, be used to
worm. Which I'm glad we did just to justify the name!

-dave

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave