Blog Posts Tagged with "Stuxnet"
House Testimony: Iran Preparing Attacks on U.S. Infrastructure
April 26, 2012 Added by:Headlines
Cybersecurity experts will testify before Congress today on the high probability that the Iranian government is engaged in building a cyber offensive force geared towards attacks against critical U.S. infrastructure targets including power and water distribution facilities...
Comments (0)
Iranian Double Agents Planted Stuxnet in Nuclear Facilities
April 18, 2012 Added by:Dan Dieterle
“Using a person on the ground would greatly increase the probability of computer infection, as opposed to passively waiting for the software to spread through the computer facility. 'Iranian double agents' would have helped to target the most vulnerable spots in the system...”
Comments (0)
Second Annual Cyber Security Summit (Prague) Write-up
April 16, 2012 Added by:Robert M. Lee
An important aspect of the conference was the ability to network with people from a wide variety of sectors. Establishing new connections, sources of information, and building friendships opens up avenues for much needed information sharing. Emphasis must be placed on education...
Comments (0)
Ten Takeaways from the Tilded Platform
April 03, 2012 Added by:Robert M. Lee
Stuxnet had a major impact on ICS/SCADA. It revealed vulnerabilities that many cyber security experts in that community had been warning about for years. Moreover, it showed that nation-states are willing to target these systems if it helps the success of a mission...
Comments (0)
Duqu Cyber Weapons Factory Still Operating
March 29, 2012 Added by:Pierluigi Paganini
I graphed the data supplied by leading teams involved in research on Duqu. Does the fact that the majority of instances have been identified in Sudan and Iran suggest something? Have you still doubts about who may have developed this powerful family of cyber weapons?
Comments (0)
Symantec Identifies New Duqu Trojan Driver Variant
March 20, 2012 Added by:Headlines
Symantec reports the discovery of a previously unseen driver (mcd9×86.sys) for Duqu that was apparently compiled as recently as February of this year, giving reason to believe the malware is very much alive and kicking...
Comments (0)
U.S. Nuclear Facility Networks "Under Constant Attack"
March 20, 2012 Added by:Headlines
"Stuxnet showed that airgapping is not a perfect defense. Even in secure systems, people stick in their thumb drives, they go back and forth between computers. They can find vulnerabilities that way. If people put enough attention to it, they can possibly be penetrated..."
Comments (0)
What are Cyber Weapons?
March 14, 2012 Added by:Dan Dieterle
"Instruments of code-borne attack span a wide spectrum, from generic but low-potential tools to specific but high-potential weaponry. This distinction brings into relief a two-pronged hypothesis that stands in stark contrast to some of the received wisdom on cyber-security..."
Comments (0)
A Stuxnet Drinking Game
March 13, 2012 Added by:Joel Harding
If one deconstructs Stuxnet down to its basic functions, nothing is new - but in its execution, success and the huge publicity of its discovery, Stuxnet is a finely manufactured weapon which I expect will be duplicated in its functionality many, many times...
Comments (0)
Smart Grid Network Security Spending to Reach $14 Billion
March 12, 2012 Added by:Headlines
"Utilities have – as many predicted – realized that their grids are no longer isolated or protected from attackers. Smart grids need intelligence or they are not smart. Adding that intelligence to grids will increase their attack surface and utilities know this..."
Comments (0)
Are DOE and DHS Helping to Secure the Infrastructure or Not?
March 08, 2012 Added by:Joe Weiss
DOE and the utilities are in an effort to secure the Grid. Yet the utilities voted down Version 5 of the NERC CIPs. Many of the devices that have been demonstrated to be vulnerable would not be addressed by NERC. Who is responsible for protecting critical infrastructure?
Comments (0)
MS08_068 + MS10_046 = FUN UNTIL 2018
March 07, 2012 Added by:Rob Fuller
If you are on an internal penetration test and either exploit a machine or find an open share, you can create an LNK file with an icon that points at a nonexistent share on your attacking machine's IP...
Comments (0)
Observations from RSA, BSides, and GABA
March 04, 2012 Added by:Joe Weiss
Stuxnet was being discussed by many without understanding the controller aspect. Most vendors were using technologies developed for monitoring IT networks and applying them to the SCADA networks. There were very few vendors that were addressing the field controllers...
Comments (0)
The Cyber Arms Race: Casting Shadows on the Future
March 01, 2012 Added by:Pierluigi Paganini
We are confronted with a new arms race for cyber weapons, and as governments around the world compete for innovation, a cultural revolution is occurring in nations which have been considered minor, and which are now nearly on par superpowers like the U.S. and China...
Comments (0)
Antivirus Ban for Iran: A Controversial Penalty
February 20, 2012 Added by:Pierluigi Paganini
Iran will be banned from the purchase of antivirus systems, a technological embargo with clear implications for the Stuxnet virus attacks and the need to prevent further infections to control systems for critical infrastructures, namely their nuclear programs...
Comments (0)
Iran Successfully Eradicates Stuxnet Virus Infestation
February 15, 2012 Added by:Headlines
"I would assume that once Iran learned of Stuxnet, then intelligence agencies looked at this method of cyber attack as compromised regardless of how long it has taken Iran to neutralize it. It is a cat and mouse game..."
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR