28 matches found
New Version of Flame Malware Discovered
Flame was discovered in 2012, linked to Stuxnet, and believed to be American in origin. It has recently been linked to more modern malware through new analysis tools that find linkages between different software. Seems that Flame did not disappear after it was discovered, as was previously though...
Operation Cleaver — Iranian Hackers Targeting Critical Infrastructure Worldwide
For over past two years, Iranian hackers have infiltrated computer networks of some of the world's top organizations including airlines, defense contractors, universities, military installations, hospitals, airports, telecommunications firms, government agencies, and energy and gas companies,...
Snowden Confirms Stuxnet Malware developed by NSA and Israel Together
In an interview with Germany's Der Spiegel Magazine, American whistleblower Edward Snowden has Confirmed that Stuxnet Malware was developed by NSA and Israel Together. Stuxnet made international headlines in 2010 for specifically target a uranium enrichment facility in Natanz, Iran. Stuxnet was...
Flame One Year Later
It’s been a year since the first reports of the Flame malware surfaced, and looking back at the 12 months since then, it seems more and more each day that the discovery of Flame should be seen as a seminal event in the evolution of malware. When Flame emerged in May 2012, some of the outside...
Flame Malware against French Government
The news is sensational, according the French magazine L'Express the offices of France's former president Sarkozy were victim of a cyber attack, but what is even more remarkable is that for the offensive was used the famous malware Flame. On the origin of the malware still persist a mystery, many...
What's the Meaning of This: Adobe Certificate Attack
The news yesterday that Adobe had been compromised and that the attackers were able to get valid Adobe signatures on a pair of malware utilities is one of the more worrisome and troubling stories in what has become a year of huge hacks and historic change in the security industry. Adobe was...
Two Microsoft Security Updates Await In Advance of Certificate Key Length Changes
Microsoft is promising a light load of security updates for next Tuesday’s monthly patch release in an attempt to give Windows administrators and security teams time to prepare for an October change to certificate key length requirements. Angela Gunn of Microsoft’s Security Response Team announce...
Analysis Reveals Flame Malware's Process Injection Tricks
As researchers continue to pull apart the Gauss malware code, looking for spreading mechanisms and infection vectors, there is still some work being done on Gauss’s cousin Flame, as well. New research from CERT Polska reveals how deeply Flame burrows itself into infected systems, showing that the...
Microsoft Revokes Trust in 28 of Its Own Certificates
UPDATED–In the wake of the Flame malware attack, which involved the use of a fraudulent Microsoft digital certificate, the software giant has reviewed its certificates and found nearly 30 that aren’t as secure as the company would like and has revoked them. Microsoft also released its new updater...
Microsoft Plans To Fix 16 Vulnerabilities With July Patch Release
Microsoft has announced it will issue nine bulletins for its July Patch Tuesday release next week. Included in the update are three critical patches for security holes that, if left unaddressed, could result in remote code execution on vulnerable systems. In all, the Redmond, Washington company...
Iran Discovers "Massive Cyber Attack," Points Finger at US, UK, Israel
Iran’s intelligence minister Heydar Moslehi claims the country has uncovered a “massive cyber attack” it believes was jointly launched by the United States, England and Israel, according to reports from PressTV, Iran’s state-owned English language news network, yesterday. “Based on obtained...
US and Israel developed Flame Malware against Iran
US and Israel developed Flame Malware against Iran Unnamed Western officials confirmed that Flame was developed by US and Israeli governments. The United States and Israel jointly developed the Flame computer virus that collected intelligence to help slow Iran's nuclear program. The massive piece...
What Have We Learned: Flame Malware
When the news about the Flame malware first broke several weeks ago, people from all parts of the security community, political world and elsewhere quickly began trying to figure out what the significance of the tool was and whether it represented anything new. That was difficult at the time, giv...
Microsoft Releases Automatic Updater for Certificate Revocation Lists, Plans to Invalidate Short RSA Keys
As part of its response to the Flame malware and its usage of a forged Microsoft certificate to sign malicious files, Microsoft has changed the way that Windows handles certificates, releasing an automatic updater function that will recognize and flag untrusted certificates. The new functionality...
Attorney General Holder Announces Probe Into Cyberwar Leaks
U.S. Attorney General Eric Holder has issued an assignment to the U.S. District Attorneys to start an investigation into possible leaks of classified information, presumably by individuals within the Obama administration who recently spoke anonymously about the administration’s ties to the...
Attackers Can Use 'Self-Destruct' Feature to Kill Flame
The attackers behind Flame can easily clean up compromised computers, according to research by security firm Symantec who found that some attackers have been able to use command-and-control C&C servers to completely remove the malware from certain machines. According to a post on Symantec’s...
How The Flame Malware Stayed Hidden For So Long
The past week has brought to light more revelations about the mysterious Flame or sKyWIper worm that was first identified at the end of May. Among them: the eye-popping admission from Microsoft that the malware’s authors found a way to use that company’s Windows Update feature to distribute the...
Snack Attack: Analyzing Flame's Replication Pattern
The Flame malware uses several methods to replicate itself. The most interesting one is the use of the Microsoft Windows Update service. This is implemented in Flame’s “SNACK”, “MUNCH” and “GADGET” modules. Being parts of Flame, these modules are easily reconfigurable. The behavior of these modul...
Microsoft Details Flame Hash-Collision Attack
The details of the collision attack used by the Flame malware authors to create a forged code-signing certificate for Microsoft code are beginning to emerge, and the company said that the attackers used an MD5 hash collision specifically to ensure that their attack would work on machines running...
DHS Issues Joint Warning On Flame's Windows Update Hack
The U.S. Department of Homeland Security is warning IT administrators and operators of industry control systems about the danger posed by the Flame aka sKyWIper malware after Microsoft acknowledged that the malware is able to spoof its Windows Update service to push malicious code onto vulnerable...