Stuxnet – Page 3 – WindowsTechs.com

How one security researcher used radio signals to hop an air gap

Posted on April 22, 2020 by Sean Lyngaas

For years, researchers and spies have devised ways of getting malware to computers that are “air-gapped,” or physically isolated from external network connections. Attacks like Stuxnet, the computer worm deployed against an Iranian nuclear facility a decade ago, shattered the myth that air-gapped systems are impenetrable fortresses. In that case, suspected U.S. and Israeli intelligence operatives crossed an air gap with malware that ultimately sabotaged centrifuges at a uranium enrichment plant. They also planted an idea in the head of Mikhail Davidov, an ethical hacker: Getting malicious code into an air-gapped computer is one thing, but how do you retrieve data from the network? One possibility, it turns out, is in the radio spectrum. With a radio, antenna, and his own computer script, Davidov figured out how to use a signal emitted by an air-gapped computer’s graphics processing unit (GPU) to exfiltrate data. Davidov, the lead security researcher at Duo […]

The post How one security researcher used radio signals to hop an air gap appeared first on CyberScoop.

Continue reading How one security researcher used radio signals to hop an air gap→

Airbus researcher explores ‘Stuxnet-type attack’ for security training

Posted on January 16, 2020 by Sean Lyngaas

Stuxnet, the potent malware reportedly deployed by the U.S. and Israel to disrupt an Iranian nuclear facility a decade ago, helped change the way that many energy-infrastructure operators think about cybersecurity. The computer worm drove home the idea that well-resourced hackers could sabotage industrial plant operations, and it marked a new era of state-sponsored cyber-operations against critical infrastructure. Years later, industrial cybersecurity experts are still learning from the destructive potential of Stuxnet’s code and how it was deployed. While Stuxnet was an extraordinary situation — an intensive operation designed to hinder Iran’s nuclear program — it holds lessons for the wider world in securing industrial equipment that moves machinery. In a new study to improve security, a researcher at the cybersecurity subsidiary of European planemaker Airbus describes how he designed a program to execute code in a “Stuxnet-type attack” on a programmable logic controller (PLC), the ruggedized computers that monitor and control industrial systems like pumps, circuit […]

The post Airbus researcher explores ‘Stuxnet-type attack’ for security training appeared first on CyberScoop.

Continue reading Airbus researcher explores ‘Stuxnet-type attack’ for security training→

How did Stuxnet prevent the user from seeing the malicious files on a USB stick?

Posted on January 1, 2020 by Mike Edwards

From what I can tell there were two main TMP files present on the infected USB stick. The smaller of the two would run first and hook various functions related to viewing files so as to hide the LNK and TMP files.

While thi… Continue reading How did Stuxnet prevent the user from seeing the malicious files on a USB stick?→

ICS Attackers Set To Inflict More Damage With Evolving Tactics

Posted on October 31, 2019 by Elizabeth Montalbano

While it remains difficult to attack critical infrastructure successfully, adversaries aim to use past experience to launch more destructive future attacks, according to analysis. Continue reading ICS Attackers Set To Inflict More Damage With Evolving Tactics→

September 2019’s Patch Tuesday: 2 zero-days, 17 critical bugs

Posted on September 12, 2019 by John E Dunn

Sometimes, a Patch Tuesday update arrives with a bang that sends users scrambling for cover – September’s update earns that description. Continue reading September 2019’s Patch Tuesday: 2 zero-days, 17 critical bugs→

Patch Tuesday, September 2019 Edition

Posted on September 10, 2019 by BrianKrebs

Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software. The software giant assigned a “critical” rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interaction on the part of the user. Continue reading Patch Tuesday, September 2019 Edition→

New Version of Flame Malware Discovered

Posted on April 12, 2019 by Bruce Schneier

Flame was discovered in 2012, linked to Stuxnet, and believed to be American in origin. It has recently been linked to more modern malware through new analysis tools that find linkages between different software. Seems that Flame did not disappear after it was discovered, as was previously thought. (Its controllers used a kill switch to disable and erase it.) It… Continue reading New Version of Flame Malware Discovered→

Nation-state hacking kit ‘Flame’ had a second life, researchers say

Posted on April 9, 2019 by Sean Lyngaas

Flame, the nation-state-developed malware kit that targeted computers in Iran, went quiet after researchers exposed it in 2012. The attackers tried to hide their tracks by scrubbing servers used to talk to infected computers. Some thought they had seen the last of the potent malware platform. Flame’s disappearance “never sat right with us,” said Juan Andres Guerrero-Saade and Silas Cutler, researchers with Alphabet’s Chronicle. On Tuesday at the Kaspersky Security Analyst Summit in Singapore, they showed that Flame hadn’t died, it had just been reconfigured. Tracing early components of Flame, Guerrero-Saade and Cutler found a new version of it that was likely used between 2014 and 2016. Flame 2.0 is “clearly built” from the original source code, but it has new measures aimed at eluding researchers, they wrote in a paper. The discovery shows how good source code dies hard, and that tracking its evolution can be a very long game […]

The post Nation-state hacking kit ‘Flame’ had a second life, researchers say appeared first on CyberScoop.

Continue reading Nation-state hacking kit ‘Flame’ had a second life, researchers say→

Researchers Uncover New Version of the Infamous Flame Malware

Posted on April 9, 2019 by Kim Zetter

They also found evidence that Stuxnet has ties to another malware family. The discoveries were made using tools and techniques only available to researchers in recent years. Continue reading Researchers Uncover New Version of the Infamous Flame Malware→

What Security Threats of the Past Can Tell Us About the Future of Cybersecurity

Posted on March 21, 2019 by Sue Poremba

If we look close enough, many new security threats are something we’ve seen in another form or an attack style we’ve had to previously defend against.

The post What Security Threats of the Past Can Tell Us About the Future of Cybersecurity appeared first on Security Intelligence.

Continue reading What Security Threats of the Past Can Tell Us About the Future of Cybersecurity→