Links added today to the Stuxnet resources page…

Links to two Stuxnet-related stories have been added to the resources page at /2011/01/23/stuxnet-information-and-resources-3/. Kim Zetter, in Wired's "Threat Level" column Report: Stuxnet Hit 5 Gateway Targets on Its Way to Iranian Plant, summarizes the latest update to Symantec's Threat Dossier. Symantec researchers now believe that Stuxnet targeted five organizations in Iran as staging posts

…the conclusion does support what does appear to be the official Iranian line that this was an attack against Iranian nuclear operations, but that it wasn’t successful…

Added to the Stuxnet (3) resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3.

…an article by William Gibson (yes, that William Gibson) draws a connection between Brain (a 25-year-old PC virus) and Stuxnet. 25 Years of Digital Vandalism. He doesn't seem to think much of Stuxnet, drawing a much-to-the-point riposte from Bob McMillan: http://twitter.com/#!/bobmcmillan/status/30533396702699520. Links added to Stuxnet Information and Resources (3). David Harley CITP FBCS CISSP ESET

This is the 3rd volume of an ongoing Stuxnet resources blog article, supplementing our paper “Stuxnet Under the Microscope”. Volume 1 is at http://blog.eset.com/?p=5731, and volume 2 is at http://blog.eset.com/?p=5913.

[Update 23rd January 2011: volume 3 of this resource has just kicked off at /2011/01/23/stuxnet-information-and-resources-3/: volume 1 is at /2011/01/03/stuxnet-information-and-resources/.] @imaguid microblogged today about his annoyance at "the analysts and journalists who breathlessly fawn over #stuxnet", and suggested that we call it even. I hope he won't think I'm fawning by maintaining resource lists in

The Stuxnet analysis “Stuxnet Under the Microscope” … has, unlike most ESET white papers, been subject to a number of revisions as we’ve come to know more about the malware itself, and as the purposes of its perpetrators have become clearer. However, since all the known vulnerabilities exploited by Stuxnet have now been patched, version 1.3x of the document is likely to be the last substantial revision.

Version 1.3 of the Stuxnet Analysis white paper is now available on the white papers page at http://www.eset.com/documentation/white-papers.

…among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet…