Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Stuxnet
09-25-2010, 09:08 PM,
#1
Stuxnet
This sums this up pretty nicely:

Stuxnet

Quote:Cyber security experts say they have identified the world’s first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.

The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security experts now say Stuxnet’s arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something.

Quote:Stuxnet surfaced in June and, by July, was identified as a hypersophisticated piece of malware probably created by a team working for a nation state, say cyber security experts. Its name is derived from some of the filenames in the malware. It is the first malware known to target and infiltrate industrial supervisory control and data acquisition (SCADA) software used to run chemical plants and factories as well as electric power plants and transmission systems worldwide.

Quote:Since reverse engineering chunks of Stuxnet's massive code, senior US cyber security experts confirm what Mr. Langner, the German researcher, told the Monitor: Stuxnet is essentially a precision, military-grade cyber missile deployed early last year to seek out and destroy one real-world target of high importance – a target still unknown.

Quote:So far, Stuxnet has infected at least 45,000 industrial control systems around the world, without blowing them up – although some victims in North America have experienced some serious computer problems, Eric Byres, a Canadian expert, told the Monitor. Most of the victim computers, however, are in Iran, Pakistan, India, and Indonesia. Some systems have been hit in Germany, Canada, and the US, too. Once a system is infected, Stuxnet simply sits and waits – checking every five seconds to see if its exact parameters are met on the system. When they are, Stuxnet is programmed to activate a sequence that will cause the industrial process to self-destruct, Langner says.

Quote: A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability.
Could Stuxnet's target be Iran's Bushehr nuclear power plant, a facility much of the world condemns as a nuclear weapons threat?


The link has a lot more info about it and the Iran connection.

Security expert says that Stuxnet could have originated in Israel

Iranian nuclear and industrial processes infected

Quote:Speaking to Al Jazeera, Rik Ferguson, a senior security adviser at the computer security company Trend Micro, described the worm as "very sophisticated".

"It is designed both for information theft, looking for design documents and sending that information back to the controllers, and for disruptive purposes," he said.
Reply
09-25-2010, 10:23 PM,
#2
RE: Stuxnet
Quote:"It is designed both for information theft, looking for design documents and sending that information back to the controllers, and for disruptive purposes," he said.

Then it should be relatively easy to determine it's origin.
[Image: Signature2.gif]
Reply
09-28-2010, 12:34 AM,
#3
Stuxnet worm rampaging through Iran
Stuxnet worm rampaging through Iran
http://www.breitbart.com/article.php?id=CNG.61485f3a7b088257f23fcec77d009c52.5c1&show_article=1

Worm hits computers of staff at Iran nuclear plant
http://www.google.com/hostednews/ap/article/ALeqM5jam2yTGb8W1t53gQ6S-RbSquSmiAD9IFORD00

Pentagon Silent on Iranian Nuke Virus
http://liveshots.blogs.foxnews.com/2010/09/27/pentagon-silent-on-iranian-nuke-virus/
Reply
09-28-2010, 02:40 AM,
#4
RE: Stuxnet worm rampaging through Iran
I am sure such events will be more and more frequent. Silly thing is, too many people falsely believe Iran to be in a similar state to 1990's Iraq, and so not capable of defending themselves against such stupidity and other playground antics.
"He that saith he abideth in him ought himself also so to walk, even as he walked." -- 1 John 2:6
"Whatever affects one directly, affects all indirectly... This is the interrelated structure of reality." -- Martin Luther King Jr.
"He that answereth a matter before he heareth it, it is folly and shame unto him." -- Proverbs 18:13
"Everyone thinks of changing the world, but no one thinks of changing himself." -- Leo Tolstoy
"To love is to be vulnerable" -- C.S Lewis

The Kingdom of God is within you! -- Luke 17:20-21

https://duckduckgo.com/
Reply
09-28-2010, 03:00 AM,
#5
RE: Stuxnet worm rampaging through Iran
(09-28-2010, 02:40 AM)Dunamis Wrote: I am sure such events will be more and more frequent. Silly thing is, too many people falsely believe Iran to be in a similar state to 1990's Iraq, and so not capable of defending themselves against such stupidity and other playground antics.

No doubt there will be more, and here. Iraq and Afghanistan are laboratories. And now, Iran is one, too. Experimentation before application here. Same silly people know even less about Iran that they think they know about Iraq, which is just about nothing.
Reply
09-28-2010, 07:52 AM,
#6
RE: Stuxnet
Hi all, I am new in this forum...Please guide me in the forum its rules and guideline.
Reply
09-30-2010, 08:44 AM,
#7
Possible biblical clue seen in STUXNET worm hitting Iran
Possible biblical clue seen in computer worm hitting Iran

Some experts say program's code might include reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.

By John Markoff and David E. Sanger
THE NEW YORK TIMES
Sept. 29, 2010
http://www.statesman.com/news/world/possible-biblical-clue-seen-in-computer-worm-hitting-945612.html

Deep inside the computer worm that some specialists suspect is aimed at slowing Iran's race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.

That use of the word "Myrtus" — which can be read as an allusion to Esther — to name a file inside the code is one of several murky clues that have emerged as computer experts try to trace the origin and purpose of the rogue Stuxnet program, which seeks out a specific kind of command module for industrial equipment.

There are many competing explanations for myrtus, which could simply signify myrtle, a plant important to many cultures in the region. But some security experts see the reference as an allusion to the Hebrew word for Esther, and as a warning in a mounting technological and psychological battle as Israel and its allies try to breach Iran's nuclear project. Others doubt the Israelis were involved and say the word could have been inserted as deliberate misinformation to implicate Israel.

Carol Newsom, an Old Testament scholar at Emory University, confirmed the linguistic connection, noting that Queen Esther's original name in Hebrew was Hadassah, which is similar to the Hebrew word for myrtle. Perhaps, she said, "someone was making a learned cross-linguistic wordplay."

"The Iranians are already paranoid about the fact that some of their scientists have defected and several of their secret nuclear sites have been revealed," one former intelligence official who still works on Iran issues said recently. "Whatever the origin and purpose of Stuxnet, it ramps up the psychological pressure."

New U.S. sanctions

Meanwhile, the Obama administration stepped up pressure against Iran's government Wednesday, slapping financial and travel sanctions on eight Iranian officials and accusing them of taking part in rampant human rights abuses.

Under an executive order signed this week by President Barack Obama, the State and Treasury departments jointly announced the sanctions that target Iranians who "share responsibility for the sustained and severe violation of human rights in Iran," notably after last year's disputed presidential elections.

The move bars the eight Iranians from entering the United States, blocks any of their U.S. assets and prohibits Americans from doing business with them.

Additional material from The Associated Press.
Reply
10-01-2010, 01:11 AM,
#8
Stuxnet 'cyber superweapon' moves to China
Stuxnet 'cyber superweapon' moves to China
Sep 30 07:16 AM US/Eastern
http://www.breitbart.com/article.php?id=CNG.f6fba55ad8f5e329c0c25bad9aa7b8d3.651&show_article=1

A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.

Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.

It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.

The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

"This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data," an engineer surnamed Wang at antivirus service provider Rising International Software told the Global Times.

"Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China's national security," he added.

Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.

The Stuxnet computer worm -- a piece of malicious software (malware) which copies itself and sends itself on to other computers in a network -- was first publicly identified in June.

It was found lurking on Siemens systems in India, Indonesia, Pakistan and elsewhere, but the heaviest infiltration appears to be in Iran, according to software security researchers.

A Beijing-based spokesman for Siemens declined to comment when contacted by AFP on Thursday.

Yu Xiaoqiu, an analyst with the China Information Technology Security Evaluation Centre, downplayed the malware threat.

"So far we don't see any severe damage done by the virus," Yu was quoted by the Global Times as saying.

"New viruses are common nowadays. Both personal Internet surfers and Chinese pillar companies don't need to worry about it at all. They should be alert but not too afraid of it."

A top US cybersecurity official said last week that the country was analysing the computer worm but did not know who was behind it or its purpose.

"One of our hardest jobs is attribution and intent," Sean McGurk, director of the National Cybersecurity and Communications Integration Center (NCCIC), told reporters in Washington.

"It's very difficult to say 'This is what it was targeted to do,'" he said of Stuxnet, which some computer security experts have said may be intended to sabotage a nuclear facility in Iran.

A cyber superweapon is a term used by experts to describe a piece of malware designed specifically to hit computer networks that run industrial plants.

"The Stuxnet worm is a wake-up call to governments around the world," Derek Reveron, a cyber expert at the US Naval War School, was quoted as saying Thursday by the South China Morning Post.

"It is the first known worm to target industrial control systems."
Reply
10-01-2010, 07:22 AM,
#9
STUXNET News Roundup
STUXNET News Roundup

Getting rid of a rootkit is like having a root canal.

Might you be a terrorist if you have one of these?

[Image: memory-460x276.jpg]

Stuxnet strikes China
A report being distributed by state news agency Xinhua claims that the Stuxnet attack originated from servers located in the USA. Stuxnet can also spread over networks, but does so by exploiting a vulnerability in the Windows printer spooler, which is deactivated by default and not usually accessible from the web. Dissemination via infected USB flash drives at the sort of pace being claimed is not credible. It may be that the worm is able to spread by using a further as yet undiscovered method.
http://www.h-online.com/security/news/item/Stuxnet-strikes-China-1099519.html

Did The Stuxnet Worm Kill India's INSAT-4B Satellite?‎
http://blogs.forbes.com/firewall/2010/09/29/did-the-stuxnet-worm-kill-indias-insat-4b-satellite/

Unpacked Stuxnet Is Ugly for the Microsoft Channel
"With the forensics we now have it is evident and provable that Stuxnet is a directed sabotage attack involving heavy insider knowledge," Langer wrote on his Web site.
http://rcpmag.com/blogs/scott-bekker/2010/09/unpacked-stuxnet-is-ugly-for-the-microsoft-channel.aspx

Holiday concerns in China over 'cyber superweapon'
http://www.google.com/hostednews/afp/article/ALeqM5jypOqui89lMMVDjDANvQF36iqAkA?docId=CNG.27a028ad8f0542cd7177615afc42a4d3.401

Inside Stuxnet: Researcher drops new clues about origin of worm
http://www.zdnet.com/blog/security/inside-stuxnet-researcher-drops-new-clues-about-origin-of-worm/7409

Stuxnet Malware Attack Speculation Leans Towards Israel
http://www.eweek.com/c/a/Security/Stuxnet-Malware-Attack-Speculation-Leans-Towards-Israel-468697/

Stuxnet worm heralds new era of global cyberwar
Attack aimed at Iran nuclear plant and recently revealed 2008 incident at US base show spread of cyber weapons
http://www.guardian.co.uk/technology/2010/sep/30/stuxnet-worm-new-era-global-cyberwar
Reply
10-01-2010, 11:03 AM,
#10
RE: STUXNET News Roundup
Here's an important one you missed Mr. Tater.

Sorry about not picking the german out of Google translated text (is there anything better?) - it's late and I'm tired. But maybe the news you're getting from Forbes, ZDNet, AFP (via Google News), the Guardian and some Tech mag repeaters isn't telling the whole story - then again Speigl is about in line with Russia Today so hey what to beleive since they're part of the machine too:

But you don't hear this much in the west even though it's part of the AFP / AP feed.


Quote:28. 28. September 2010, 13:54 Uhr September 2010, 13:54 clock
Stuxnet-Angriff Stuxnet attack

Iran wirft Westen Cyber-Propaganda vor Iran accuses West cyber-propaganda

Erst erklärte Iran, die Atomanlagen des Landes seien vom Computerwurm Stuxnet attackiert worden - jetzt folgt die Wende: Berichte über den Cyber-Angriff seien ein Propaganda-Trick des Westens, erklärte das Außenamt. was first declared Iran's nuclear facilities in the country were attacked by the computer worm Stuxnet - now comes the turn: Reports on the cyber-attack were a propaganda ploy of the West, said the Foreign Office.

Teheran - Nach der Cyber-Attacke auf Zehntausende Computer der iranischen Industrie- und Atomanlagen versucht Teheran jetzt, die Berichte als "Propaganda-Trick" des Westens herunterzuspielen. Tehran - The cyber-attack on tens of thousands of computers of Iran's industrial and nuclear facilities, Tehran now tries to play down the reports as "propaganda ploy" of the West. Die von vielen vermutete Katastrophe durch den Computer-Schädling Stuxnet gebe es gar nicht, deutete das iranische Außenministerium am Dienstag an. The suspected of giving many disaster by the computer-pest Stuxnet not do it, indicated the Iranian foreign ministry on Tuesday. "Jetzt kommt der Westen mit einer neuen Geschichte und einem neuen Propaganda-Trick, den kein Mensch hier ernst nimmt", sagte Außenamtssprecher Ramin Mehmanparast. "Now the West is a new story and a new propaganda trick that no one here seriously," said Foreign Ministry spokesman Ramin Mehmanparast.

Am Wochenende hörte sich das noch ganz anders an. On weekends, the still heard quite different. Ein Beamter aus dem Industrieministerium hatte erklärt, 30.000 Rechner seien befallen . An official from the Industry Ministry had said that 30,000 computers were infected . Und: Der Wurm sei "ein Teil des elektronischen Krieges gegen Iran". And: The worm is "a part of the electronic war against Iran." Ein weiterer Vertreter aus dem Ministerium für Kommunikations- und Informationstechnologie sagte der halbstaatlichen Nachrichtenagentur Mehr zufolge, "die Auswirkungen und der Schaden durch diesen Spionagewurm in Regierungssystemen sind nicht ernst". Another representative from the Ministry of Communications and Information Technology said the semi-governmental news agency, according to More, "the impact and the damage caused by this worm in espionage systems of government are not serious". Man habe den Angriff durch den Schädling "mehr oder weniger" gestoppt. They have stopped the attack by the pest "more or less". Beamte der iranischen Atomenergiebehörde kamen in dieser Woche zu Beratungen darüber zusammen, wie der Wurm wieder von den Rechnern entfernt werden kann. Officials of the Iranian Atomic Energy Agency came in this week for discussions on how the worm can be removed from the computers.

Außenamtssprecher Mehmanparast wies nun Berichte über eine Infizierung der Rechner in der Atomanlage Buschehr energisch zurück. Foreign Ministry spokesman Mehmanparast now had reports of an infection of the host in the Bushehr nuclear plant back vigorously. "Die Arbeit in Buschehr geht wie geplant weiter, das Kraftwerk wird in zwei Monaten ans Netz gehen." "The work in Bushehr goes as planned, the plant will go in two months to the grid." Auch Irans Atomchef Ali-Akbar Salehi hatte am Montag erklärt, dass in Buschehr alles normal sei. Even Iran's nuclear chief Ali-Akbar Salehi had said on Monday that everything was normal in Bushehr. Dennoch wurde ein hochqualifiziertes IT-Sicherheitsteam dorthin entsandt, um die Rechner zu inspizieren und zu säubern. However, a highly skilled IT security team was sent there to inspect the machine and cleaned.

Dass der Wurm Rechner von Angestellten im ersten Atomkraftwerk Irans befallen habe, hatte der Leiter der Anlage am Wochenende selbst mitgeteilt . That the worm computer employees under Iran's first nuclear power plant was attacked, had the head of the plant at the weekend told himself . Es gebe aber keine Schäden an den wichtigen Systemen der Anlage, versicherte Mahmud Dschafari, laut einem Bericht der Nachrichtenagentur IRNA vom Sonntag. but there was no damage to the vital systems of the plant, assuring Mahmoud Jafari, according to a report by the news agency IRNA on Sunday. Dass der Wurm auf mehreren Rechnern im Kraftwerk gefunden worden sei, ändere nichts an den Plänen, die Atomanlage im Oktober in Betrieb zu nehmen. That the worm had been found on several computers in the power plant does not alter the plans to take the nuclear plant in October.

Sicherheitslücken im Wert von einer Million Euro ausgenutzt Vulnerabilities in the value of one million € exploited

Fachleute von unterschiedlichen Unternehmen sind sich einig, dass Stuxnet nicht einfach irgendein Virus ist. Experts from different companies agree that Stuxnet not just any virus. Die Software ist so komplex und bedient sich so vieler verschiedener Angriffsmöglichkeiten, dass ein Geheimdienst oder eine andere Organisation mit staatlicher Rückendeckung hinter der Cyberattacke vermutet wird. The software is so complex and uses so many different attack vectors that a secret service or other organization with state backing is suspected behind the cyber attack.

Dafür spricht auch, dass die Stuxnet-Autoren vier bis dahin unbekannte Windows-Sicherheitslücken, sogenannte Zero-Day-Exploits, ausgenutzt haben. This is also suggested that the authors have four Stuxnet exploit previously unknown Windows vulnerability, so-called zero-day exploits. Auf dem Schwarzmarkt etwa sei jeder solcher Exploit "grob geschätzt eine Viertelmillion Euro wert", schätzt Gert Hansen von der Sicherheitsfirma Astaro. On the black market as if every such exploit "roughly estimated quarter of a million euros worth," Gert Hansen estimated by security firm Astaro. Verbreitet wurde Stuxnet unter anderem über USB-Sticks - so konnte die Software auch Systeme befallen, die gar keine Verbindung zum Internet haben. Widespread Stuxnet was among other USB flash drives - so the software could also affect systems that have no connection to the Internet.
Sean McGurk, chief of the National Cyber Security and Communications Integration Center (NCCIC) said they had analyzed the software, it is hard to say what purpose they serve. Man sei derzeit weniger damit beschäftigt, nach der Quelle der Schadsoftware zu suchen, als ihre Ausbreitung zu verhindern. It is currently less busy looking for the source of malicious software, and to prevent their spread.

Im Juli wurde die Existenz des Stuxnet-Wurms erstmals öffentlich gemeldet. In July, the existence of the Stuxnet worm was first reported publicly. Weißrussische PC-Experten hatten den Wurm entdeckt, der sich über USB-Sticks verbreitete und sogar in Windows-Systemen einnisten konnte, die mit allen aktuellen Patches abgesichert waren. Belarusian PC experts had discovered the worm that spread via USB sticks and could even live in Windows systems, which were covered with all current patches. Einer Untersuchung der IT-Sicherheitsfirma Symantec zufolge stehen knapp 60 Prozent der infizierten Rechner in Iran, knapp 20 Prozent in Indonesien, gut acht Prozent in Indien. A study of IT security company Symantec, according to stand nearly 60 percent of infected computers in Iran, almost 20 percent in Indonesia, over eight percent in India. Für den kommenden Donnerstag sind zwei Fachvorträge über den Wurm angekündigt . For next Thursday, two are lectures about the worm announced . Zumindest in einem davon sollen angeblich auch Schlussfolgerungen über Ziel und Urheber der Software präsentiert werden. In at least one of which allegedly are also conclusions on the objective and author of the software are presented.

cis/dpa/dapd/AFP/AP cis / dpa / DAPD / AFP / AP

URL: URL:

* http://www.spiegel.de/netzwelt/netzpolitik/0,1518,720043,00.html http://www.spiegel.de/netzwelt/netzpolitik/0, 1518,720043,00. html

MEHR AUF SPIEGEL ONLINE: MORE ON SPIEGEL ONLINE:

* Themenseite: Computerviren Topic: Computer Viruses
http://www.spiegel.de/thema/computerviren/ http://www.spiegel.de/thema/computerviren/
* Computervirus Stuxnet: Der Wurm, der aus dem Nichts kam (22.09.2010) Computer Virus Stuxnet: The worm, which came out of nowhere (22/09/2010)
http://www.spiegel.de/netzwelt/web/0,1518,718927,00.html http://www.spiegel.de/netzwelt/web/0, 1518,718927,00. html
* Geheimnisvolle Cyber-Attacke: Stuxnet-Wurm befällt Rechner in iranischem AKW (26.09.2010) Mysterious Cyber attack: Stuxnet worm infects computers in Iranian nuclear power plant (26/09/2010)
http://www.spiegel.de/netzwelt/netzpolitik/0,1518,719654,00.html http://www.spiegel.de/netzwelt/netzpolitik/0, 1518,719654,00. html
* BBC-Auftritt: Obama kontert Ahmadinedschads 9/11-Rede (24.09.2010) BBC website: Obama countered Ahmadinejad 9/11-Rede (24.09.2010)
http://www.spiegel.de/politik/ausland/0,1518,719512,00.html http://www.spiegel.de/politik/ausland/0, 1518,719512,00. html
* Verschwörungstheorien zu 9/11: Ahmadinedschad sorgt im Uno-Plenum für Eklat (24.09.2010) Conspiracy theories about 9 / 11: Ahmadinejad makes the UN plenary for scandal (24.09.2010)
http://www.spiegel.de/politik/ausland/0,1518,719248,00.html http://www.spiegel.de/politik/ausland/0, 1518,719248,00. html
* Computerwurm in Irans AKW: IT-Experten fahnden nach Stuxnet-Schöpfern (26.09.2010) Computer worm in Iran's nuclear plant: experts search for IT Stuxnet-creators (26/09/2010)
http://www.spiegel.de/netzwelt/netzpolitik/0,1518,719662,00.html http://www.spiegel.de/netzwelt/netzpolitik/0, 1518,719662,00. html
* Iran: Gericht verurteilt Blogger zu 19 Jahren Haft (28.09.2010) Iran court sentences blogger to 19 years in prison (28/09/2010)
http://www.spiegel.de/netzwelt/netzpolitik/0,1518,720110,00.html http://www.spiegel.de/netzwelt/netzpolitik/0, 1518,720110,00. html
* DER SPIEGEL DER SPIEGEL
http://www.spiegel.de/spiegel/print/d-73107858.html http://www.spiegel.de/spiegel/print/d-73107858.html

MEHR IM INTERNET MORE ON THE INTERNET

* "Virus Bulletin"-Konferenz in Vancouver Virus Bulletin Conference in Vancouver
http://www.virusbtn.com/conference/vb2010/index http://www.virusbtn.com/conference/vb2010/index
* VB-Konferenz: Symantec-Vortrag über Stuxnet VB Conference: Symantec lecture on Stuxnet
http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml
* Ralph Langner Ralph Langner
http://www.langner.com/de/index.htm http://www.langner.com/de/index.htm
* "Computerworld" über Stuxnet "Computer World" on Stuxnet
http://www.computerworld.com/s/article/9185419/Siemens_Stuxnet_worm_hit_industrial_systems?taxonomyId=142 http://www.computerworld.com/s/article/9185419/Siemens_Stuxnet_worm_hit_industrial_systems?taxonomyId=142
* Symantecs Schlussfolgerung Symantec's conclusion
http://www.symantec.com/connect/blogs/w32stuxnet-variants http://www.symantec.com/connect/blogs/w32stuxnet-variants
* Infostealer.Nimkey Infostealer.Nimkey
http://www.symantec.com/connect/de/blogs/hackers-behind-stuxnet http://www.symantec.com/connect/de/blogs/hackers-behind-stuxnet
* Zahlen zur Stuxnet-Verbreitung Data on distribution Stuxnet
http://www.symantec.com/connect/de/blogs/w32stuxnet-commonly-asked-questions http://www.symantec.com/connect/de/blogs/w32stuxnet-commonly-asked-questions
* Standorte der von Stuxnet befallenen Rechner Locations of the infected computer Stuxnet
http://www.symantec.com/connect/de/blogs/w32stuxnet-network-information http://www.symantec.com/connect/de/blogs/w32stuxnet-network-information
* Steuerungsbildschirm in der Atomanlage Busher Control screen in the Busher nuclear plant
http://www.upi.com/News_Photos/Features/The-Nuclear-Issue-in-Iran/1581/2/ http://www.upi.com/News_Photos/Features/The-Nuclear-Issue-in-Iran/1581/2/
* VB-Konferenz: Microsoft-Vortrag über Stuxnet VB Conference: Microsoft's presentation on Stuxnet
http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml
* Symantec: Blog von Liam O'Murchu Symantec: Blog of Liam O'Murchu
http://www.symantec.com/connect/blogs/liam-o-murchu
© SPIEGEL ONLINE 2010
http://translate.googleusercontent.com/translate_c?hl=en&sl=de&tl=en&u=http://www.spiegel.de/netzwelt/netzpolitik/0,1518,druck-720043,00.html&rurl=translate.google.ca&twu=1
Original German: http://www.spiegel.de/netzwelt/netzpolitik/0,1518,720043,00.html
There are no others, there is only us.
http://FastTadpole.com/
Reply
10-02-2010, 07:27 AM,
#11
RE: STUXNET News Roundup
Quote:Sorry about not picking the german out of Google translated text (is there anything better?) - it's late and I'm tired. But maybe the news you're getting from Forbes, ZDNet, AFP (via Google News), the Guardian and some Tech mag repeaters isn't telling the whole story - then again Speigl is about in line with Russia Today so hey what to beleive since they're part of the machine too:

But you don't hear this much in the west even though it's part of the AFP / AP feed.

Thanks for adding to the mix. I don't doubt that it's being hyped far beyond reality. But, what else could they say anyway,

"Oh noes! All our base belongs to them. It's been converted to ASCII porn. We're doomed!"???

Yeah, I found those after seeing the bit about China. I certainly don't believe all of the material in them. But, figure that they contain little pieces that can be used to hopefully put together a little clearer section of the big picture.

The recent mischievous behavior in Pakistan coinciding with Stuxnet in Iran reminds me of play boxing with my dad when little. Dad would swing one fist wildly in the air saying "Watch the right, watch the right, watch the right! And then, he'd pop me with his left and say "You forgot about the left!" Like then, I have no idea which is the left or right. But, I have a feeling somebody's gonna get popped anyway. Why else drag Osaywhereya bin Lately out of the cooler?
Reply
10-02-2010, 08:17 AM,
#12
RE: STUXNET News Roundup
It's obviously to create finger pointing and hatred and give an excuse to ramp up CYBERCOM, from where I stand -- they're ALL in on it. All sides are being controlled on the top levels. Share the info best you can so people aren't so easily played by APnet et al.
There are no others, there is only us.
http://FastTadpole.com/
Reply
10-09-2010, 03:15 AM,
#13
RE: STUXNET News Roundup
[Image: stux_dees.jpg]
Reply
10-13-2010, 08:24 PM,
#14
Microsoft issues its biggest-ever security fix (includes Stuxnet)
Should be of interest to many since most still use eVil M$ operating systems and apps.

UPDATE 1-Microsoft issues its biggest-ever security fix

Tue Oct 12, 2010 5:36pm EDT

* Microsoft addresses record 49 flaws in its software

* Affects Windows, Internet Explorer, Office

* Fixes vulnerability exploited by Stuxnet virus (Adds details on Stuxnet virus, comments from researcher)

By Jim Finkle

BOSTON, Oct 12 (Reuters) - Microsoft Corp (MSFT.O) issued its biggest-ever security fix on Tuesday, including repairs to its ubiquitous Windows operating system and Internet browser for flaws that could let hackers take control of a PC.

The new patches aim to fix a number of vulnerabilities including the notorious Stuxnet virus that attacked an Iranian nuclear power plant and other industrial control systems around the world.

Microsoft said four of the new patches -- software updates that write over glitches -- were of the highest priority and should be deployed immediately to protect users from potential criminal attacks on the Windows operating systems. LOLLOLLOLLOL

Microsoft said it also repaired other less serious security weaknesses in Windows, along with security problems in its widely used Office software for PCs and Microsoft Server software for business computers.

Microsoft released 16 security patches to address 49 problems in its products, many of which were discovered by outside researchers who seek out such vulnerabilities to win cash bounties as well as notoriety for their technical prowess.

"This is a huge jump," said Amol Sarwate, a research manager with computer security provider Qualys Inc. "I think the reason for it is that more and more people are out there looking for vulnerabilities."

The geeks who report such vulnerabilities to software makers are known as "white hat" hackers. Sarwate warned that there are also plenty of "black hats," or criminal hackers who look for vulnerabilities in software that they can exploit to launch attacks on computer systems.

Indeed, the world's biggest software maker said that the patches released on Tuesday include software to fix a vulnerability exploited by the Stuxnet virus -- a malicious program that attacks PCs used to run power plants and other infrastructure running Siemens (SIEGn.DE) industrial control systems.

The virus, which infected computers at Iran's Bushehr nuclear power plant, was discovered over the summer. Security research Symantec said that it detected the highest concentration of the virus on computer systems in Iran, though it was also spotted in Indonesia, India, the United States, Australia, Britain, Malaysia and Pakistan.

So far Microsoft has patched three of the four vulnerabilities exploited by Stuxnet's unknown creators. {WTF? Is there a bubblegum shortage or something?}

The total of 49 vulnerabilities exceeds the previous record of 34, which was set in October 2009 and matched in June and August of this year.

The constant patching of PCs is a time-consuming process for corporate users, who need to test the fixes before they deploy them to make sure they do not cause machines to crash because of compatibility problems with existing software. (Reporting by Jim Finkle. Editing by Robert MacMillan, Gary Hill)
Reply
10-13-2010, 09:26 PM, (This post was last modified: 10-13-2010, 09:56 PM by h3rm35.)
#15
RE: Microsoft issues its biggest-ever security fix (includes Stuxnet)
so this isn't win 7 SP1, right? It's something else? I dual boot, but I rarely ever boot into windows. When I do, I'm nearly never online unless I'm updating the os. Has anyone gone through this list of patches and determined how serious this actually is?

also, I find the timing interesting, considering "U.S. Cyber Command is scheduled to be activated this month, in the words of a Reuters dispatch “ready to go to war in cyberspace” with full operational capability."
[Image: conspiracy_theory.jpg]
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)