Blog Posts Tagged with "W32.Flamer"
June 18, 2012 Added by:J. Oquendo
I would like to believe that most governments have enough of a clue to avoid walking into a house like a Ninja only to bubble wrap their feet. History has shown us that they do. Does this make them innocent with regards to Flame or Stuxnet, not really, but yields more questions that don't quite add up...
June 18, 2012 Added by:Headlines
“If there is an operation under way and being run by a US intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off... This makes you think that this breach of Microsoft's update system was done by someone like the NSA..." said F-Secure's Mikko Hypponen...
June 15, 2012 Added by:Richard Stiennon
Stuxnet, Duqu and Flame have used false certificates to infiltrate a network. Action must be taken today to discover and root out MD5 certificates from the enterprise. We are beyond the proof of concept stage. Certificate attacks will be with us as long as MD5 based certificates are used to authenticate critical systems....
June 14, 2012 Added by:J. Oquendo
Flame is a very loud piece of malware. It is a horrendous 20Mb contraption which screams: "look at me." Many of the components in Flame are borrowed, re-hashed, re-written and re-deployed. AV companies are suggesting there is "no financial gain" being sought by Flame and to that I state: "How would you know?"
June 11, 2012 Added by:Joel Harding
Contrary to previous reports that Stuxnet and Flame were unrelated, the authors apparently worked together at one point. If this is the case we might begin looking for evidence of more code from Operation Olympic Games floating around. Flame provides a framework for future warfare in cyberspace...
June 11, 2012 Added by:Headlines
"Despite the fact that Stuxnet has been the subject of in-depth analysis... the mysterious 'resource 207' from 2009 has gone largely unnoticed. But it turns out that this is the missing link between Flame and Stuxnet... Clearly, these two pieces of exploit code were written by the same programmer..."
June 07, 2012 Added by:Infosec Island Admin
The sKyWIper malware uses a new cryptographic collision attack in combination with the terminal server licensing service certificates to sign code as if it came from Microsoft. However, code-signing without performing a collision is also possible. This is an avenue for compromise that may be used by additional attackers..
June 05, 2012 Added by:Rafal Los
Are we under cyber attack? Yes - but we have been aware of this for quite some time. Is there an escalation in the ferocity with which complex organizations are being attacked by unknown parties? Absolutely. But if you don't have your enterprise resiliency fundamentals in order, who really cares...
June 04, 2012 Added by:Richard Stiennon
The IT security industry has found a new threat actor: The United States. If DARPA is developing new attack methodologies then the industry will develop new defenses in response. The use of cyber weapons is going to pit the US military and intelligence community against the IT security industry...
June 04, 2012 Added by:Headlines
"We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. We identified that an older cryptography algorithm could be exploited and then be used to sign code as if it originated from Microsoft..."
June 02, 2012 Added by:Larry Karisny
What Flame is doing in the Middle East attacks can be done in other countries, even the ones releasing the attack. The technical nature of computer virus propagation could leak the virus to unintended areas, as happened with Stuxnet. Playing with these vulnerabilities is like playing with fire...
May 31, 2012 Added by:J. Oquendo
Studies on malware by vendors are not being done for anything other than being able to state: "We can defend you from MalwareX if you purchase Product Y." This is the reality of it. What better mechanism to do so than to paint the boogeyman as a rogue country. After all, countries spend millions on security...
May 31, 2012 Added by:Headlines
"Targeted attacks are increasing dramatically. It could be state sponsored or it could be just hacktivists or it could be a cyber criminal organisation. But we know the number one target is government institutions and the second is manufacturing, including oil and gas..."
May 31, 2012 Added by:Pierluigi Paganini
Some antivirus providers were ready with a fix for Flame. This information, together with evidence that the malware dates to at least 2010, would lead me to believe that the major security companies were aware of Flame and have been silent because of agreements with Western governments...
May 30, 2012 Added by:Robert M. Lee
Attribution is incredibly hard to apply in the cyber domain, and even the most appealing pieces of evidence can be purposely misleading. The perception of attribution applied to a nation-state cyber attack can put tension on nation-state relationships, have an effect on deterrence, and cause real-world issues...
May 30, 2012 Added by:Headlines
"The modular nature of this malware suggests that a group of developers have created it with the goal of maintaining the project over a long period of time; very likely along with a different set of individuals using the malware. The architecture... allows the authors to change functionality and behavior"...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013