1) Another Virus Bulletin conference paper has just gone up on the ESET white papers page, by kind permission of the magazine. Large-Scale Malware Experiments: Why, How, And So What? by Joan Calvet, Jose M. Fernandez, our own Pierre-Marc Bureau, and Jean-Yves Marion, discusses how they replicated a botnet for experimental purposes, and what use they
Mientras los especialistas de la industria antivirus debaten sobre los temas de relevancia en materia de amenazas en la conferencia Virus Bulletin, aprovechamos la oportunidad para contarles justamente sobre una de las amenazas que fueron tratadas a través de dos papers en el evento, con un amplio debate suscitado el día de ayer. Se trata
In researching today’s SC Magazine Cybercrime Corner article “From sci-fi to Stuxnet: Exploding gas pipelines and the Farewell Dossier”, I came across this ‘Damn Interesting’ article which showcases the successful cyberwarfare compromise of a SCADA / pipeline control system nearly thirty years ago, an event which I had heard stories about in Navy circles but
While the defining research on the Stuxnet topic doesn’t go this far, Forbes writer Trevor Butterworth went out on a limb to name names along with detailing the warfare aspects: As I noted last week – and as the news media have only begun to grasp – Stuxnet represents a conceptual change in the history
…we have just published a lengthy analysis that considers many of these questions, as well as discussing some of the characteristics of this fascinating and multi-faceted malicious code. The report is already available here, and will shortly be available on the ESET white papers page.
There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS). The reality is that hackers targeting ICS is nothing new. I am not clear
Luego de las repercusiones sobre Stuxnet, explotando la vulnerabilidad CVE-2010-2568, a la cual se sumaron dos familias más (Win32/TrojanDownloader.Chymine.A y Win32/Autorun.VB.RP) y la incorporación del exploits a un crimeware (Zombie Explotation Kit), recientemente se ha descubierto otro código malicioso que utiliza esta debilidad para infectar los sistemas de información. Se trata de Sality, un peligroso
Kim Zetter’s article for Wired tells us that “SCADA System’s Hard-Coded Password Circulated Online for Years” – see the article at http://www.wired.com/threatlevel/2010/07/siemens-scada/#ixzz0uFbTTpM0 for a classic description of how a password can have little or no value as a security measure. Zetter quotes Lenny Zeltser of SANS as saying that ““…anti-virus tools’ ability to detect generic versions of