...given the amount of detailed analysis that's already available (and I mean substantial blocks of reverse-engineered code, not high-level analysis and code snippets and descriptions), I'm not sure that anyone with malicious intent and a smidgen of technical skill would need the original code...
Search results for: "stuxnet"
...an article suggests that "Stuxnet was developed to improve the quality of enriched uranium, so that it no longer can be used for the production of atomic bombs." It's an interesting theory, and I'm certainly not going to say it's wrong...
...Eric Chien ... tells us that "Stuxnet requires the industrial control system to have frequency converter drives from at least one of two specific vendors..."
...the "Stuxnet under the microscope" has been updated.today on the white papers page: details as following...
Tip of the hat to Bruce Dang and Dave Aitel for flagging an inaccuracy in ESET's Stuxnet report
The Stuxnet analysis “Stuxnet under the Microscope” we published a few weeks ago has been updated...
Google translate is pretty cool, but they are missing a language. You can translate from Haitian Creole to Yiddish and from Galacian to Maltese, but you can’t translate from geekspeak to anything a regular person understands. The good part about this for me is that I have a job trying to do just that! David
...we also indicated in that paper that there are two Elevation of Privilege (EoP) vulnerabilities that we chose not to describe while patches were pending. One of these has now been patched, so we’re now able to publish some of the information we have on it. (When the other vulnerability has been patched, we plan to update the Stuxnet paper with information on both issues.)
Now that cyberwarfare is out of the bottle, will anyone agree to not use it? In the summer of 1945 in New Mexico, the Trinity test gave rise to the term ground zero. Could Stuxnet may be measured as a definitive ground zero in cyberwarfare comparable to Trinity? Concerning Stuxnet’s latest rise in China, David
This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.
In researching today’s SC Magazine Cybercrime Corner article “From sci-fi to Stuxnet: Exploding gas pipelines and the Farewell Dossier”, I came across this ‘Damn Interesting’ article which showcases the successful cyberwarfare compromise of a SCADA / pipeline control system nearly thirty years ago, an event which I had heard stories about in Navy circles but
Just in case you haven’t heard enough from me on the topic of Stuxnet, the Security Week article I mentioned in a previous blog is now up at http://www.securityweek.com/stuxnet-sux-or-stuxnet-success-story. ;-) David Harley CITP FBCS CISSP ESET Senior Research Fellow
While the defining research on the Stuxnet topic doesn’t go this far, Forbes writer Trevor Butterworth went out on a limb to name names along with detailing the warfare aspects: As I noted last week – and as the news media have only begun to grasp – Stuxnet represents a conceptual change in the history
...we have just published a lengthy analysis that considers many of these questions, as well as discussing some of the characteristics of this fascinating and multi-faceted malicious code. The report is already available here, and will shortly be available on the ESET white papers page.
We realize there have been a lot of articles in the blog now about the Win32/Stuxnet malware and its new vector for spreading, but when vulnerabilities emerge that can be widely exploited, it is important to share information so that people can protect themselves from the threat. Detection for Win32/Stuxnet and the shortcut (LNK) files
Perhaps you're getting as tired of this thing as I am (though with the information still coming in, I'm not going to be finished with this issue for a good while, I suspect). But without wishing to hype, I figure it's worth adding links to some further resources. There's a very useful comment by Jake
On July 17th, ESET identified a new malicious file related to the Win32/Stuxnet worm. This new driver is a significant discovery because the file was signed with a certificate from a company called "JMicron Technology Corp". This is different from the previous drivers which were signed with the certificate from Realtek Semiconductor Corp. It is