Stay informed -- Ars Technica is one of the best all-around sources (without getting too geeky) of what's happening in the world of technology and how it will affect you. It's on my "must read before rising" list (along with TFB, of course).
Stuxnet may be the first military-grade malware. It was packed with zero-day exploits and tricks never before seen. If its target was Iranian nuclear facilities, a likely culprit is the IDF or Mossad. If it's not them, we're the next most likely culprit.Computer security professionals use the term "zero-day exploit" to refer to security holes that have just become known that day, and nobody except, perhaps, the exploiter has yet thought of counter-measures. Even a single such exploit can make a formidable worm. Stuxnet had four.
I almost went to work in an internal division, nicknamed STUX, of the company I work for. It stands for Server Tools User Experience. I don't they're responsible, though.
There is much speculation about which country's military produced this virus and what it was being used for. The most common answer is "U.S., against Iran."It is said that none of the extant anti-virus software packages can detect the malicious components of the modular Flame virus.
It is perhaps the most sophisticated piece of malicious software ever designed – a digital surveillance device so complex it ran on sensitive government computer networks for years, undetected.And now, a tool that was almost certainly developed for state-sanctioned cyberwarfare is out in the open, soon to make its way into the hands of everyone from computer virus researchers to criminal gangs.
And here's something funny. In the last hour, I got an email from Symantec ...
It is said that none of the extant anti-virus software packages can detect the malicious components of the modular Flame virus.
And well, yes, I do have an up-to-date Norton security software product. But with this email, do I have grounds for action if I turned out to be infected? I wonder if this bald statement that "you are protected" is such a fine idea ...
Flamer has managed to infect a large number of computers worldwide. Are you protected?Norton has been tracking and monitoring the recent online spread of Flamer and we wanted to inform you that without a current Internet security product subscription, your PC may be open to infection.If you have an up-to-date Norton security software product then you are protected against this threat.Sincerely,The Norton Team
The article includes a world map with countries believed to be victims marked in red. Although suspicion is focusing on China, I think that is a mistake. Greenland is also not a victim.I assume this article is about something real.
Researchers have uncovered an ongoing, large-scale computer espionage network that's targeting hundreds of diplomatic, governmental, and scientific organizations in at least 39 countries, including the Russian Federation, Iran, and the United States.Operation Red October, as researchers from antivirus provider Kaspersky Lab have dubbed the highly coordinated campaign, has been active since 2007, raising the possibility it has already siphoned up hundreds of terabytes of sensitive information. It uses more than 1,000 distinct modules that have never been seen before to customize attack profiles for each victim. Among other things, components target individual PCs, networking equipment from Cisco Systems, and smartphones from Apple, Microsoft, and Nokia. The attack also features a network of command-and-control servers with a complexity that rivals that used by the Flame espionage malware that targeted Iran."This is a pretty glaring example of a multiyear cyber espionage campaign," Kaspersky Lab expert Kurt Baumgartner told Ars. "We haven't seen these sorts of modules being distributed, so the customized approach to attacking individual victims is something we haven't seen before at this level."The main purpose of the campaign is to gather classified information and geopolitical intelligence. Among the data collected are files from cryptographic systems such as the Acid Cryptofiler, with the collected information used in later attacks. Stolen credentials, for instance, were compiled and used later when the attackers needed to guess secret phrases in other locations.
Who is online
Users browsing this forum: No registered users and 0 guests