Blog Posts Tagged with "W32.Flamer"
Counterpoint to F-Secure: Flame is Still Lame
June 18, 2012 Added by:J. Oquendo
I would like to believe that most governments have enough of a clue to avoid walking into a house like a Ninja only to bubble wrap their feet. History has shown us that they do. Does this make them innocent with regards to Flame or Stuxnet, not really, but yields more questions that don't quite add up...
Comments (0)
Microsoft May Be Infiltrated by Government Cyber Operatives
June 18, 2012 Added by:Headlines
“If there is an operation under way and being run by a US intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off... This makes you think that this breach of Microsoft's update system was done by someone like the NSA..." said F-Secure's Mikko Hypponen...
Comments (0)
Flame's MD5 Collision: Most Worrisome Security Discovery of 2012
June 15, 2012 Added by:Richard Stiennon
Stuxnet, Duqu and Flame have used false certificates to infiltrate a network. Action must be taken today to discover and root out MD5 certificates from the enterprise. We are beyond the proof of concept stage. Certificate attacks will be with us as long as MD5 based certificates are used to authenticate critical systems....
Comments (0)
Flame: Cutting Through Media and SME Hype
June 14, 2012 Added by:J. Oquendo
Flame is a very loud piece of malware. It is a horrendous 20Mb contraption which screams: "look at me." Many of the components in Flame are borrowed, re-hashed, re-written and re-deployed. AV companies are suggesting there is "no financial gain" being sought by Flame and to that I state: "How would you know?"
Comments (0)
Cybergate: Stuxnet and Flame are Related
June 11, 2012 Added by:Joel Harding
Contrary to previous reports that Stuxnet and Flame were unrelated, the authors apparently worked together at one point. If this is the case we might begin looking for evidence of more code from Operation Olympic Games floating around. Flame provides a framework for future warfare in cyberspace...
Comments (0)
Researchers: Flame Malware Shares Stuxnet Virus Module
June 11, 2012 Added by:Headlines
"Despite the fact that Stuxnet has been the subject of in-depth analysis... the mysterious 'resource 207' from 2009 has gone largely unnoticed. But it turns out that this is the missing link between Flame and Stuxnet... Clearly, these two pieces of exploit code were written by the same programmer..."
Comments (0)
sKyWIper-Flame Malware Cryptographic Collision Attack
June 07, 2012 Added by:Infosec Island Admin
The sKyWIper malware uses a new cryptographic collision attack in combination with the terminal server licensing service certificates to sign code as if it came from Microsoft. However, code-signing without performing a collision is also possible. This is an avenue for compromise that may be used by additional attackers..
Comments (0)
The Dangers of Chasing the Next Flame [Malware]
June 05, 2012 Added by:Rafal Los
Are we under cyber attack? Yes - but we have been aware of this for quite some time. Is there an escalation in the ferocity with which complex organizations are being attacked by unknown parties? Absolutely. But if you don't have your enterprise resiliency fundamentals in order, who really cares...
Comments (0)
Operation Olympic Game, Project X and the Assault on Security
June 04, 2012 Added by:Richard Stiennon
The IT security industry has found a new threat actor: The United States. If DARPA is developing new attack methodologies then the industry will develop new defenses in response. The use of cyber weapons is going to pit the US military and intelligence community against the IT security industry...
Comments (0)
W32.Flamer Used Spoofed Microsoft Digital Certificates
June 04, 2012 Added by:Headlines
"We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. We identified that an older cryptography algorithm could be exploited and then be used to sign code as if it originated from Microsoft..."
Comments (0)
Flame Virus: A Controlled Burn?
June 02, 2012 Added by:Larry Karisny
What Flame is doing in the Middle East attacks can be done in other countries, even the ones releasing the attack. The technical nature of computer virus propagation could leak the virus to unintended areas, as happened with Stuxnet. Playing with these vulnerabilities is like playing with fire...
Comments (1)
Flamer: I Can Haz Propaganda...
May 31, 2012 Added by:J. Oquendo
Studies on malware by vendors are not being done for anything other than being able to state: "We can defend you from MalwareX if you purchase Product Y." This is the reality of it. What better mechanism to do so than to paint the boogeyman as a rogue country. After all, countries spend millions on security...
Comments (0)
Cyberwar Threats and Critical Infrastructure Vulnerabilities
May 31, 2012 Added by:Headlines
"Targeted attacks are increasing dramatically. It could be state sponsored or it could be just hacktivists or it could be a cyber criminal organisation. But we know the number one target is government institutions and the second is manufacturing, including oil and gas..."
Comments (0)
Flame Malware: From Genesis to the Conspiracy Theory
May 31, 2012 Added by:Pierluigi Paganini
Some antivirus providers were ready with a fix for Flame. This information, together with evidence that the malware dates to at least 2010, would lead me to believe that the major security companies were aware of Flame and have been silent because of agreements with Western governments...
Comments (2)
Flame: Implications vs. Speculation
May 30, 2012 Added by:Robert M. Lee
Attribution is incredibly hard to apply in the cyber domain, and even the most appealing pieces of evidence can be purposely misleading. The perception of attribution applied to a nation-state cyber attack can put tension on nation-state relationships, have an effect on deterrence, and cause real-world issues...
Comments (0)
Symantec Flame Analysis: A Sophisticated and Discreet Threat
May 30, 2012 Added by:Headlines
"The modular nature of this malware suggests that a group of developers have created it with the goal of maintaining the project over a long period of time; very likely along with a different set of individuals using the malware. The architecture... allows the authors to change functionality and behavior"...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)