Latest on Flame, Stuxnet, Duqu and more 
Chinese hackers master the art of lying in wait
The remarkable success that Chinese state-sponsored groups have had in infiltrating U.S. government, military and corporate networks in recent years should not be mistaken as a sign that China is gaining technical superiority over the U.S. in cyberspace, security experts say.

Spy court OK'd all U.S. wiretap requests it received in 2012
A special court established to review government requests for warrants to conduct electronic surveillance of suspected foreign spies received close to 1,900 warrant requests last year -- all of which it approved.

Groups denounce FBI plan to require Internet backdoors for wiretaps
Privacy groups are denouncing a federal government move to force Internet companies like Facebook and Google to build backdoors that would let the FBI and other agencies snoop in on real time online communications.

Update: House Intelligence panel OKs CISPA after closed door meeting
The U.S. House Intelligence Committee on Wednesday voted 18-2 in favor of a controversial information-sharing bill that was reintroduced in Congress this February after failing last year amid widespread protests from rights groups and a White House veto threat.

South Korea cyberattacks hold lessons for U.S.
U.S. companies and government agencies can learn from the large-scale disruptions that have hit several banks and media outlets in South Korea in the last 24 hours, security analysts said.

U.S. military networks not prepared for cyberthreats, report warns
The U.S. is dangerously unprepared to face a full-scale cyber conflict launched by a peer adversary, a report by the military's Defense Science Board (DSB) warns.

BitDefender traces MiniDuke espionage malware back to June 2011
Romanian security company BitDefender has traced the cyber-espionage malware "MiniDuke" back to June 2011, more than a year and a half before the campaign was uncovered.

Return of CISPA: Cybersecurity boon or privacy threat?
Rights groups fear widespread sharing of personal information; security managers see threat information sharing as key part of corporate cyber defenses.

New report says cyberspying group linked to China's army
A new report traces a large cybersecurity threat group to China's People's Liberation Army, specifically a unit that goes under the cover name "Unit 61398".

Adobe to patch Reader zero-day this week with rush update
Adobe on Saturday said it would release an emergency patch for two Reader zero-day vulnerabilities this week.

Obama executive order redefines critical infrastructure
President Barack Obama's cybersecurity executive order, signed on Tuesday, could significantly expand the list of companies categorized as part of U.S. critical infrastructure sector, security experts said Wednesday.

Obama cybersecurity order lacks bite, security experts say
President Barack Obama's cybersecurity executive order elicited guarded praise from several quarters even as it revived calls for more comprehensive bipartisan legislation to address long-term security threats.

Obama seen likely to urge Congress to pass cybersecurity laws in State of the Union address
President Obama could use tonight's State of the Union address to continue a push for new cybersecurity legislation, even as he's widely expected to issue an executive order Wednesday to impose rules aimed at protecting critical infrastructure targets, security experts say.

Obama to issue cybersecurity executive order this month
President Barack Obama is expected to issue a cybersecurity executive order in the days after his Feb. 12 State of the Union address.

Cyberwarfare now menacing the enterprise, Kaspersky Lab says
Enterprise security managers have yet another worry to add to their list: cyberwarfare attacks.

Microsoft kicks off 2013 with clutch of critical Windows updates
Microsoft today patched 12 vulnerabilities in Windows, Office and several server and development products, but did not come up with a fix for the IE bug that cyber criminals have been exploiting for at least a month.

Security lessons from 2012
More DDoS attacks on banks, cyberwarfare, and targeted attacks could well be in store in 2013, security experts warn.

Experts question Microsoft's decision to retire XP
Microsoft will 'draw a line in the sand' in 2014 when Windows XP exits support, security researchers said today, even if millions of people are still running the aged OS and a zero-day bug threatens the Windows ecosystem.

Cyberwarfare evolves faster than rules of engagement
As the rhetoric heats up over cyberwar -- including warnings that attacks on the U.S. are imminent and alarms that the U.S. has escalated the risk via malware attacks on Iran's nuclear program -- the rules of engagement are missing in action.

Can the US military fight a war with Twitter?
Students at a military graduate school in California are mining social media with new methods that may change the way the armed forces collect intelligence overseas.

After Stuxnet: The new rules of cyberwar
Critical infrastructure providers face off against a rising tide of increasingly sophisticated and potentially destructive attacks emanating from hacktivists, spies and militarized malware.

Kaspersky discovers miniFlame cyberespionage malware directly linked to Flame and Gauss
Security researchers from Kaspersky Lab have identified another piece of malware targeting the Middle East that is likely part of the interrelated cyberespionage efforts behind Stuxnet, Duqu, Flame and Gauss.

Kaspersky pleads for crypto help to probe Gauss malware
Kaspersky Lab today appealed for help from top-notch cryptographers to help it break the encryption of a still-mysterious warhead delivered by the Gauss cyber-surveillance malware.

Security experts push free Gauss detection tools
Two security organizations have released online tools that let Windows users check for possible infections by Gauss, the newly-revealed cyber surveillance malware thought to have been government-built.

Nation-backed surveillance malware monitors Middle East bank accounts
A sophisticated cyber surveillance tool that monitors financial transactions with Middle Eastern banks was probably built by or under the auspices of a government, security researchers said today.

Report: Flame part of US-Israeli cyberattack campaign against Iran
The highly sophisticated Flame malware was jointly developed by the U.S. and Israeli governments in preparation for a cybersabotage campaign to disrupt Iran's nuclear fuel enrichment efforts, according to a media report.

Scot Finnie: Stuxnet was a wake-up call, but don't fall back asleep
It's clear that U.S. businesses and infrastructure operators haven't even begun to prepare to defend against cyber-espionage and sabotage.

Microsoft readies post-Flame Windows Update changes
Microsoft will start feeding users an update to the critical Windows Update service in the next few days, several security experts said today.

Microsoft scrambles as it patches 26 bugs, warns users of active attacks
Microsoft patched 26 vulnerabilities, including one in Internet Explorer that's already being exploited. The company also warned customers of a new zero-day attack and quashed yet another instance of a bug that the Duqu intelligence-gathering Trojan leveraged.

Flame's Windows Update hack required world-class cryptanalysis, researchers say
The Flame cyber-espionage malware makes use of a previously unknown cryptographic attack variant that required world-class cryptanalysis to develop, experts from the Dutch national research center for mathematics and computer science (CWI) said on Thursday.

Microsoft's moves against Flame may throw wrench in Patch Tuesday
Microsoft plans to deliver seven security updates next week to patch 28 bugs, but its plans to update Windows Update in response to the Flame malware could disrupt this month's patching.

Flame authors order infected computers to remove all traces of the malware
The creators of the Flame cyber-espionage threat ordered infected computers still under their control to download and execute a component designed to remove all traces of the malware and prevent forensic analysis, security researchers from Symantec said on Wednesday.

Microsoft's reaction to Flame shows seriousness of 'Holy Grail' hack
Microsoft appears to agree with experts that the exploit of its Windows Update system by the Flame cyber espionage malware was a 'significant' event in the history of Windows hacking.

Microsoft will update Windows Update to stymie Flame-like attacks
Microsoft today announced it will issue an update to its Windows Update to prevent copy-cat hackers from duplicating Flame's feat of infecting fully-patched PCs by faking the service.

Google warns Gmail users of 'state-sponsored' hacks
Google began warning users today of its Gmail online email services when it suspects they may be targets of "state-sponsored" attacks.

QuickPoll: Does the Flame malware increase the odds of a cyberwar?
The sophisticated cyber espionage malware known as 'Flame' was discovered after computers within Iran's energy industry were wiped clean of data. Does the Flame malware increase the odds of a cyberwar?

Researchers reveal how Flame fakes Windows Update
Security researchers today published detailed information about how the Flame cyber-espionage malware spreads through a network by exploiting Microsoft's Windows Update mechanism.

Microsoft throws 'kill switch' on own certificates after Flame hijack
Microsoft on Sunday revoked several of its own digital certificates after discovering that the makers of the Flame super-cyber spy kit figured out a way to sign their malware with the company's digital "signature."

Government role in Stuxnet could increase attacks against U.S. firms
The U.S. government's extensive involvement in the Stuxnet attacks against Iran is sure to trigger a sharp increase in state-sponsored cyber attacks against American businesses and critical infrastructure targets, security experts warn.

Report: Obama ordered Stuxnet attacks on Iran
President Barack Obama ordered the Stuxnet cyberattacks on Iran in an effort to slow the country's development of a nuclear program, according to a report in The New York Times.

Flame's Bluetooth functionality could help spies extract data locally, researchers say
The Bluetooth functionality of the Flame cyberespionage malware could potentially be used to pinpoint the physical location of infected devices and allow local attackers to extract data if they get in close proximity to the victims, according to security researchers from antivirus vendors Symantec and Kaspersky Lab.

Development timeline key to linking Stuxnet, Flame malware
Nailing down a timeline for the development of Flame, the super-cyber spying malware recently found infecting PCs in Iran and other Middle Eastern nations, will be critical to connecting it to Stuxnet and Duqu, experts said.

Attacks on Iranian oil industry led to Flame malware find
The sophisticated cyber espionage malware known as 'Flame' was discovered after computers within Iran's energy industry were wiped clean of data, a security expert said today.

Researchers identify Stuxnet-like malware called 'Flame'
A new, highly sophisticated malware threat that was predominantly used in cyberespionage attacks against targets in the Middle East has been identified and analyzed by researchers from several security companies and organizations.

Iran admits expanded cyberattacks, claims it's identified hackers
The Iranian government acknowledged today that authorities have found evidence of recent cyberattacks against several agencies, according to reports by state-sponsored media outlets.

Iran confirms cyberattacks against oil facilities
Iran's oil ministry today confirmed that it was the target of malware attacks over the weekend, adding to reports by state-run media that the country's oil industry was hit by hackers.

Duqu malware resurfaces after four-month holiday
Duqu, the malware that has been compared to 2010's notorious Stuxnet, is back, security researchers said today.

Duqu trojan built by 'old school' programmers, Kaspersky says
The Duqu Trojan, an espionage tool that last year attracted lots of attention for its many Stuxnet-like features, may have been written by experienced old school programmers, a security researcher at Kaspersky Labs said Monday.

Researchers can't identify programming language used in Duqu, ask for help
Malware experts from Kaspersky Lab have asked the programming community for help identifying the programming language, compiler or framework that was used to write an important part of the Duqu Trojan, in the hope that it could reveal clues about who created it or why.

Researchers unearth more Chinese links to defense contractor attacks
Symantec researchers have uncovered additional clues that point to Chinese hacker involvement in attacks against a large number of Western companies, including major U.S. defense contractors.

Expect more cyber-espionage, sophisticated malware in '12, experts say
The security industry expects the number of cyber-espionage attacks to increase in 2012 and the malware used for the attacks to become increasingly sophisticated.

Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
Microsoft today issued 13 security updates, one less than expected, that patched 19 vulnerabilities in Windows, Internet Explorer, Office, and Windows Media Player.

Duqu hackers scrub evidence from command servers, shut down spying op
The hackers behind the Duqu botnet have shut down their snooping operation, according to Moscow-based Kaspersky Lab.

4 lessons from the Springfield, Ill. SCADA cyberattack
The recent cyberattack on a public water utility in Springfield, Ill. has stoked concerns about the vulnerability of critical infrastructure equipment across the U.S.

Will 2012 REALLY be the year of the cyberwar?
Much has been made of prospects for a cyberwar. Many believe we're already in one. So what are security practitioners to do as they plan for 2012?

FAQ: What's the big deal about Duqu?
The recently discovered Duqu Trojan has gotten a lot of attention in the security research community. Here's why.

Security researcher says Iran to blame for its own Duqu infections
An Iranian government official yesterday acknowledged that the Duqu attacks had infected computers in the country but claimed that the Trojan was "under control," according to a report by a state-run news agency.

Hackers may have spent years crafting Duqu
The hacker group behind Duqu may have been working on its attack code for more than four years, new analysis of the Trojan revealed Friday.

Open-source toolkit finds Duqu infections
The lab credited with discovering the Duqu malware has built an open-source toolkit that administrators can use to see whether their networks are infected.

NSS Labs claims new tool can detect all Duqu drivers
Security research firm NSS Labs has released an open source scanning tool that is capable of detecting all malicious drivers used by the new Duqu threat, according to its engineers. However, other security vendors believe that the malware's creators are capable of evading detection at any time.

Duqu exploits same Windows font engine patched last month, Microsoft confirms
Microsoft on Thursday confirmed that the Windows kernel vulnerability exploited by the Duqu Trojan is within the TrueType parsing engine, the same component it last patched just last month.

Microsoft issues workaround for Duqu attack while it prepares a patch
Microsoft has published code to temporarily blunt attacks against a software vulnerability exploited by Duqu, an advanced piece of malicious software still being closely analyzed by security researchers.

Microsoft expected to offer hot fix for Duqu soon
The big zero-day exploit on everyone's mind is Duqu, or "son of Stuxnet" - but researchers don't expect Microsoft to include a patch for it in next week's Patch Tuesday. Instead, a manual fix could be out as soon as this week.

Update: Duqu exploits zero-day flaw in Windows kernel
The Duqu trojan infects systems by exploiting a previously unknown Windows kernel vulnerability that is remotely executable.

Duqu, Stuxnet link unclear
A report by Dell SecureWorks debunks the idea that the newly discovered Duqu Trojan is related to last year's Stuxnet worm or was created by the same authors.

Hard to fully assess Duqu threat yet, researchers say
As new information about Duqu continues to come out, some experts are starting to question whether the danger from the trojan has been exaggerated.

Despite Stuxnet, Duqu, control system flaws still overlooked
Efforts to strengthen critical infrastructure targets continue to focus on front-end systems rather than on underlying industrial control systems where the real problems exist, security experts warned this week.

Symantec, McAfee differ on Duqu threat
Symantec and McAfee appear to have come to slightly different conclusions about the specific dangers posed by a newly discovered Trojan program called Duqu.

Duqu Trojan a precursor to next Stuxnet, Symantec warns
Security vendor Symantec is warning of a new malware threat that it says could be a precursor to the next Stuxnet.

After Stuxnet, a rush to find bugs in industrial systems
Kevin Finisterre isn't the type of person you expect to see in a nuclear power plant. With a beach ball-sized Afro, aviator sunglasses and a self-described "swagger," he looks more like Clarence Williams from the '70s TV show "The Mod Squad" than an electrical engineer.

On the front line against the next Stuxnet
Something has gone terribly wrong on the plant floor at ACME Specialty Chemical International Inc.

Take cyberthreats seriously, says counterterrorism expert
Cofer Black warns that government officials shouldn't dismiss warnings of imminent cyberattacks.

Security experts can't verify Iran's claims of new worm
Without a sample of the new worm that an Iranian official says attacked the country's computers, it's impossible to verify his claims, a security researcher said.

DHS chief: What we learned from Stuxnet
A lesson from the Stuxnet worm is that the private sector needs to be able to respond quickly to cyber-emergencies, said Janet Napolitano, secretary of the U.S. Department of Homeland Security.

Update: Iran says it was targeted with second worm, 'Stars'
An Iranian general who has been investigating the Stuxnet attack on Iran's nuclear program says the country has also been hit by a second targeted attack, called Stars.

Iranian general accuses Siemens of helping U.S., Israel build Stuxnet
An Iranian military commander accused the German electronics giant Siemens of helping U.S. and Israeli teams craft the Stuxnet worm that attacked his country's nuclear facilities.

If Stuxnet was act of cyberwar, is U.S. ready for a response?
The complex Stuxnet worm proved attacks on SCADA and other industrial control systems were possible. Are we ready if one comes our way?

Stuxnet scored quick hit on first target, says researcher
Stuxnet infected its first target just 12 hours after hackers finished the worm, an indication that the malware scored an almost instant bulls-eye, a Symantec researcher said today.

Stuxnet struck five targets in Iran, say researchers
Symantec researchers today said that the notorious Stuxnet worm targeted five separate organizations -- all with a presence in Iran -- and that attacks began in June 2009, more than a year before experts raised the alarm.

Israel tested Stuxnet worm, says report
The Stuxnet worm that disrupted Iran's ability to enrich uranium into bomb-grade nuclear fuel was reportedly created by Israel and the U.S.

Report: Iran confirms Stuxnet hit centrifuges
Iran has reportedly confirmed that the Stuxnet worm hit centrifuges used to refine uranium in the country.

Experts: Stuxnet changed the cybersecurity landscape
The appearance of the Stuxnet worm in June should serve as a wake-up call to governments and businesses, especially those relying on Internet-based industrial control systems, a group of cybersecurity experts told U.S. lawmakers Wednesday.

New Stuxnet clues suggest sabotage of Iran's uranium enrichment program
Researchers have uncovered new clues that the Stuxnet worm may have been created to sabotage Iranian attempts to turn uranium into atomic bomb-grade fuel.

Iran blames Stuxnet worm on Western plot
Iran today made its strongest statement yet that it believes a Western plot is behind the Stuxnet worm that has infected tens of thousands of computers in the country, including some at its sole nuclear power plant.

Iran arrests 'spies' after Stuxnet attacks on nuclear program
An Iranian intelligence official Saturday said that authorities had detained several "spies" connected to cyber attacks against its nuclear program.

Why did Stuxnet worm spread?
Stuxnet's inability to stay stealthy may be fall-out from a failure to hit its intended targets last year, security researchers said today.

Stuxnet code hints at possible Israeli origin, researchers say
Security researchers today offered another tantalizing clue about the possible origins of the notorious Stuxnet worm, but cautioned against reading too much from the obscure tea leaves.

Stuxnet worm can re-infect scrubbed PCs
A security researcher today revealed yet another way that the Stuxnet worm spreads, a tactic that can re-infect machines that have already been scrubbed of the malware.

Iran admits Stuxnet worm infected PCs at nuclear reactor
Although some computers at Iran's Bushehr nuclear reactor were infected by the Stuxnet worm, none of the facility's crucial control systems were affected, Iranian officials said.

Iran confirms massive Stuxnet infection of industrial systems
Officials in Iran have confirmed that the Stuxnet worm infected at least 30,000 Windows PCs in the country, multiple Iranian news services reported on Saturday.

Was Stuxnet built to attack Iran's nuclear program?
A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran's Bushehr nuclear reactor.

Is Stuxnet the 'best' malware ever?
Experts say the Stuxnet malware is groundbreaking technology that may have been created with the backing of a government.

Siemens: Stuxnet worm hit industrial systems
A sophisticated worm designed to steal industrial secrets and disrupt operations has infected at least 14 plants, according to Siemens.

Stuxnet industrial worm was written over a year ago
A sophisticated worm designed to steal industrial secrets has been around for much longer than previously thought, according to security experts investigating the malicious software.

Stuxnet renews power grid security concerns
The recent discovery of malware designed to penetrate industrial control systems has renewed concerns about the security of power plants, manufacturing facilities.

Think tank in Estonia ponders war in cyberspace
When one nation launches a missile at another, it's easy to pinpoint the aggressor. But during a cyberattack, the aggressor may not be so identifiable, and the traditional rules of warfare don't quite fit.

A Few Good (and Not So Good) Security Moves
THUMBS DOWN: North Korea. To be fair, there's not much proof at this point that the rogue nation is behind the DDoS attacks against U.S. and South Korean sites -- only speculation sparked by the timing and targets. But cyberwarfare aside, one must wonder why we keep letting this regime get away with evil.

Cyberdefense center will lead in education
The Cooperative Cyber Defense Center of Excellence (CCDCOE) opened in May 2008 in Tallinn, Estonia, to assist NATO with technical, legal and policy issues associated with dealing with cyberwarfare incidents. The 20-person center includes civilian analyst Kenneth Geers, who works for the U.S. Navy's Naval Criminal Investigative Services. Geers, who has been with the center for about a year and a half, spoke about CCDCOE's mission on the opening day of the organization's first-ever Conference on Cyber Warfare on Wednesday.

A U.S. cyberwarfare command: Better late than never
Ira Winkler cites the sorts of conflicts that can arise when two agencies are unaware of what the other one is doing.

The new ground zero in Internet warfare
Cyber experts concur that the electric power grid is the most vulnerable to attack of all critical infrastructure in the U.S. But that's about the only thing they agree on.