Displaying items by tag: Duqu
US/Israel Flame Collaboration Rumor Misses Some Facts and Almost Looks Too Well Timed To be True
There are two things about leaks that always concern me; the content of the leak, who it was leaked to, and … (Ok three things I look at when dealing with leaks) the timing. Now when the leak hit concerning Stuxnet and Duqu we took a look at the information and compared it with some information we were able to dig up including the timing of the attack and a few other factors. The leak seemed to fit the facts. At the time of the leak there was no mention of Flame, any program to gather intelligence, or even hints that there might be more out there.
Flame and Stuxnet Devs Appear to Have Shared Source Code At Least Once
It would appear that the developers of Stuxnet/Duqu and Flame shared at least some source code during development. At least that is what security research firm Kaspersky seems to think. Kaspersky was the company that found the massive bit of malware that was using a compromised Microsoft Terminal Server licensing model to sign certificates for their code. Flame appears to have been a very coordinated espionage attack on Iran and has been in the news thanks to the complexity and functionality that it has.
Massive "Flame" Cyber Attack Targeted At Some Middle Eastern Countries
An interesting report has popped up about a rather large attack on a group of Middle Eastern countries. The attack (called Flame) appears to be a targeted attack against Iran, Israel, Palestine, Sudan, Syria, Lebanon, Saudi Arabia and Egypt with the most effected being Iran, Palestine, and Israel. The attack was reported by Kaspersky Labs and looks to be intended to collect all kinds of information (not just data on computers). Kaspersky believes that Flame has been operating for at least two years in this region.
SCADA Vulnerability used in Illinois water plant breach
Remember when we told you about the SCADA vulnerabilities (here and here)? Well back in August we talked at length about how many of these control systems not only use the default passwords but are connected to the internet. On top of all of these there are a large number that have no high-level security (beyond simple passwords). This puts many of our vital infrastructure services at great risk to compromise from outside parties.