Stuxnet

Are your USB flash drives an infectious malware delivery system?

USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash

Carbon Dating and Malware Detection

Carbon Black assert that if an AV company doesn’t detect malware within six days of its being flagged on Virus Total, it probably won’t after a month. Is that as dangerous as it sounds?

Interconnection of Gauss with Stuxnet, Duqu & Flame

Last week, reports of a new malware named Gauss emerged, a complex threat that has attracted a lot of media attention due to its links to Stuxnet and Flame and its geographical distribution.  Since ESET has added detection for this threat, we are seeing geographical distribution of detection reports similar to those detailed by Kaspersky.

Flamer Analysis: Framework Reconstruction

Aleksandr Matrosov looks at the internal architecture of Win32/Flamer’s mssecmgr.ocx module.

Flame, Duqu and Stuxnet: in-depth code analysis of mssecmgr.ocx

Analysis of the Flame worm (Win32/Flamer) reveals some interesting facts about the internal structure of its main module.

The negative impact on GDP of state-sponsored malware like Stuxnet and Flame

The slow drip of revelations about Flame have kept this piece of malware in the news for more than two weeks so it is worth reminding people that most antivirus programs now protect against Flame (ESET products detect it as Win32/Flamer.A). The coverage of Flame was boosted last week by a conveniently-timed assist from leaks

Stuxnet, Flamer, Flame, Whatever Name: There's just no good malware

A week ago the big malware news was the code known as Flame, Flamer, or sKyWIper (detected by ESET as Win32/Flamer.A), then on June 1, this news broke: "A damaging cyberattack against Iran’s nuclear program was the work of U.S. and Israeli experts and proceeded under the secret orders of President Obama." (Washington Post)  Clearly,

Win32/Duqu: It’s A Date

For the last few days, much malware research time has been devoted to the brand-new malware that ESET calls Win32/Duqu. One of the features that makes this kind of malware particularly interesting is that it very closely resembles Stuxnet, one of the most sophisticated worms of recent years. Last year we performed in-depth analysis of

Stuxnet Part Umpteen

I notice there’s a flurry of articles around the “Stuxnet anniversary” and “After Stuxnet” themes…

Stuxnet and the DHS

In fact, the real interest of the document lies in the extensive overview (12 closely-typed pages without graphics and such) of the DHS view of its own cybersecurity mission.

Stuxnet: Wired but Unplugged

I've stopped maintaining Stuxnet resource pages recently, but occasionally I come across an article that adds something useful to the mix, or simply summarizes aspects of the Stuxnet story neatly and accurately. Besides, its authors must be feeling a little left out with all that fuss about TDL4. ;-) A recent report in Wired gives

The Next Stuxnet

…the ‘next Stuxnet’ probably won’t be any such thing, whatever we may choose to call it…

Real War – The Next Cyber Frontier

Cyber Security pundits have been keenly watching the development of nascent state targeted attacks such as the Stuxnet worm with interest for some time and warning of the possible implications, but now it’s official. According to The Wall Street Journal, “The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public

The Stuxnet Train Rolls On…

… albeit more slowly than previously. Added to the resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3 today: A nice article by Mark Russinovich on Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 1. Though I don't think Stuxnet is universally acknowledged as the most sophisticated malware ever. See, for instance, http://gcn.com/articles/2011/01/18/black-hat-stuxnet-not-superworm.aspx. (Hat tip to Security Garden for the pointer.)

Stuxnet, SCADA and malware

Kelly Jackson Higgins in a Dark Reading article tells us that Malware Attacks Decline In SCADA, Industrial Control Systems, quoting a report published by the Security Incidents Organization drawing on its Repository of Industrial Security Incidents (RISI) database. One aspect that’s attracted attention on specialist lists is the mention of a large US power company

Stuxnet analyses: more jaw-jaw*, more cyberwar, less precision

Added 5th March 2011 to the Stuxnet resources page at http://blog.eset.com/?p=5945…

Langner, Stuxnet, US and Israel.

Added to the Stuxnet resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3 on 4th March 2011: Ralph Langner at the TED Conference, as summarized by the BBC: US and Israel were behind Stuxnet claims researcher. As previously mentioned at http://blog.eset.com/2011/03/03/nice-stuxnet-commentary-and-hype-deflation. (Hat tip to Mikko Hypponen. Again!) David Harley CITP FBCS CISSP ESET Senior Research Fellow

February ThreatSense Report

The February ThreatSense Report is now available…

More on Stuxnet

A few more developments in the Never-Ending Story: Michael Joseph Gross on A Declaration of Cyber War in Vanity Fair. Despite a somewhat breathless tone in the introduction – "the world’s top software-security experts were panicked by the discovery of a drone-like computer virus" (where's my Valium?!) – actually a comprehensive and largely accurate account. It

Stuxnet Resources

Links added today to the Stuxnet resources page…

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

1 article related to:
Hot Topic
11 Dec 2012
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.