Analysis of the Flame worm (Win32/Flamer) reveals some interesting facts about the internal structure of its main module.
I've stopped maintaining Stuxnet resource pages recently, but occasionally I come across an article that adds something useful to the mix, or simply summarizes aspects of the Stuxnet story neatly and accurately. Besides, its authors must be feeling a little left out with all that fuss about TDL4. ;-) A recent report in Wired gives
Cyber Security pundits have been keenly watching the development of nascent state targeted attacks such as the Stuxnet worm with interest for some time and warning of the possible implications, but now it’s official. According to The Wall Street Journal, “The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public
Kelly Jackson Higgins in a Dark Reading article tells us that Malware Attacks Decline In SCADA, Industrial Control Systems, quoting a report published by the Security Incidents Organization drawing on its Repository of Industrial Security Incidents (RISI) database. One aspect that’s attracted attention on specialist lists is the mention of a large US power company
Added 5th March 2011 to the Stuxnet resources page at http://blog.eset.com/?p=5945…
Some extra resources: J. Oquendo takes a cold, clear look on Infosec Island at some of the hype that surrounds the Stuxnet story: Cyberterrorism – As Seen On TV While Visible Risk, while by no means entirely negative about the Vanity Fair Stuxnet story (see http://blog.eset.com/2011/03/02/more-on-stuxnet), makes an entirely reasonable point about Irresponsible Sensationalism. I
A few more developments in the Never-Ending Story: Michael Joseph Gross on A Declaration of Cyber War in Vanity Fair. Despite a somewhat breathless tone in the introduction – "the world’s top software-security experts were panicked by the discovery of a drone-like computer virus" (where's my Valium?!) – actually a comprehensive and largely accurate account. It
Links to two Stuxnet-related stories have been added to the resources page at /2011/01/23/stuxnet-information-and-resources-3/. Kim Zetter, in Wired's "Threat Level" column Report: Stuxnet Hit 5 Gateway Targets on Its Way to Iranian Plant, summarizes the latest update to Symantec's Threat Dossier. Symantec researchers now believe that Stuxnet targeted five organizations in Iran as staging posts
…an article by William Gibson (yes, that William Gibson) draws a connection between Brain (a 25-year-old PC virus) and Stuxnet. 25 Years of Digital Vandalism. He doesn't seem to think much of Stuxnet, drawing a much-to-the-point riposte from Bob McMillan: http://twitter.com/#!/bobmcmillan/status/30533396702699520. Links added to Stuxnet Information and Resources (3). David Harley CITP FBCS CISSP ESET
[Update 23rd January 2011: volume 3 of this resource has just kicked off at /2011/01/23/stuxnet-information-and-resources-3/: volume 1 is at /2011/01/03/stuxnet-information-and-resources/.] @imaguid microblogged today about his annoyance at "the analysts and journalists who breathlessly fawn over #stuxnet", and suggested that we call it even. I hope he won't think I'm fawning by maintaining resource lists in
The Stuxnet analysis “Stuxnet Under the Microscope” … has, unlike most ESET white papers, been subject to a number of revisions as we’ve come to know more about the malware itself, and as the purposes of its perpetrators have become clearer. However, since all the known vulnerabilities exploited by Stuxnet have now been patched, version 1.3x of the document is likely to be the last substantial revision.