×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

Stuxnet malware

Stuxnet malware

RE: Stuxnet malware

Very interesting indeed, a little usb drive could do untold damage.  What matters is who is running the show.

xit

RE: Stuxnet malware

This interesting document was released yesterday: Stuxnet_Dossier.pdf

It is a .pdf of a whitepaper from Symantec.  It is 2.5MB long.
  

RE: Stuxnet malware

If I read things correctly this is hardly new
We were discussing the USB exploit at the end ouf August
thread760-161: SMS Snap Shot Utility-2534

I do not Have A.D.D. im just easily, Hey look a Squirrel!

RE: Stuxnet malware

In that regard, Stuxnet is not new.  It has actually been around a while and started receiving notoriety this summer.  It continues to be analyzed and more fascinating information continues to be found out about it. If I recall correctly, yes, the USB exploit was the icon issue, one of the zero-day exploits in windows that this used.

So far it looks like it scores in several firsts in regards to its complexity and scale.
1 - it is probably the most complex piece of malware ever discovered.
2 -  it is suspected as having been created by a national govt entity and used as a weapon against a specific target.  
3 - It targets, industrial embedded computers (PLCs) that are (typically) significantly more hardened in both their hardware and software compared to conventional PCs
4 - it successfully uses the Man In The Middle attack to get around encryption certificates, using certificates from a "trusted" entity.
5 - it uses multiple (4) zero day exploits, including two previously unknown ones.  Makes you wonder about the push to release the Windows source code a few years back.

While, in my opinion, it doesn't represent a direct threat to the commercial PC arena, it does take computer malware to a new level.
 
 

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close