Displaying items by tag: Stuxnet

A Dutchman was responsible for infecting equipment at Iran's Natanz nuclear plant in 2008 with the Stuxnet virus, leading to years of delay in the country's nuclear program, a Dutch publication, Volkskrant, claims.

Apple has issued fixes for two flaws in its iOS and iPadOS operating systems that were used to attack employees of Russian cyber security firm Kaspersky.

Russian security firm Kaspersky has lost its most senior researcher, with Costin Raiu, long-time head of its Global Research & Analysis Team, announcing that he would be leaving the company.

GUEST OPINION: It's likely that many IT security teams didn't get much sleep during the past year. From ransomware and supply-chain attacks to email compromise and IoT incidents, the battle against cybercriminals was relentless.

GUEST RESEARCH: Mandiant has published new research on a set of “exceptionally rare and dangerous cyber attack” tools, called Incontroller.

In the days prior to Russia's invasion of Ukraine and thereafter, there have been numerous people in the infosec business who have predicted that there would be a massive outbreak of what they characterised as cyber-conflict between these two countries. But little or nothing has eventuated.

Russian security outfit Kaspersky says it will continue to provide details of advanced persistent threats (APTs or nation-state actors) no matter the country of their origin, but these details will only be available to customers who subscribe to their services.

The US-Israel nation-state hacking partnership that created Stuxnet, the malware used to cripple Iran's nuclear program, lasted much longer than was known earlier, researchers from Chronicle Security, a sister company of Google, claim.

ANALYSIS Predicting the future is generally a game for mugs but it is possible to say with a high degree of certainty that there will be no details of any American advanced persistent threats or APTs unveiled during Kaspersky Lab's annual Security Analyst Summit that kicks off in Singapore on Monday.

Infrastructure and strategic networks in Iran have been attacked by malware similar to Stuxnet — which was used to attack centrifuges at the country's Natanz nuclear enrichment centre in 2011 — and Israeli officials are not willing to say if they are involved or not.

Security software testing company NSS Labs has filed an anti-trust suit against security firms Symantec, CrowdStrike, ESET and the Anti-Malware Testing Standards Organisation, claiming that they had conspired to prevent independent testing of their products.

Malicious attackers have been using stolen certificates from Taiwan-based vendors D-Link and Changing Information Technology to sign their malware known as Plead that has been used to compromise several technology companies.

A statement by the head of security firm FireEye that US government spooks produce "nice" malware when compared to that of other states has been reported by the American tech news website Cyberscoop – and allowed to pass unchallenged.

The primary concern for businesses after the Australian data breach law takes effect on 22 February will be information security, as without that in place, it will not be possible to protect personal information, an expert in cyber security and law says.

WikiLeaks has released another set of documents from the CIA, revealing details of a project known as Brutal Kangaroo that targets closed Windows networks by jumping the air gap using thumb drives.

A vulnerability in Microsoft's Windows operating system that was used, allegedly by the US and Israel, to plant the Stuxnet virus in Iranian nuclear plants is still among the most exploited flaws in the OS.

An unknown nation state has created a multi-staged backdoor trojan malware threat dubbed Regin by Symantec which seeks to get in like a ray-gunned Flynn and flummox its targets with ultra advanced spying capabilities.

The infamous Stuxnet worm that disabled Iranian nuclear centrifuges has been under intense investigation by Kaspersky Lab and other security firms, with Kaspersky revealing more information.

There’s a rising tide of cyber attacks on the energy sector, with a warning from a global security company that the growing adoption of smart grids, smart meters and the “Internet of Things,” will likely lead to even greater risks and challenges for energy firms this year.

Yet another security company dusts off the crystal ball.  Here's what Kaspersky Labs sees in the year ahead.