Stuxnet

Six Cyber-Physical Attacks the World Could Live Without

In-brief: cyber attacks that affect physical systems are still a small minority of all incidents. But they’re becoming more common. What are some of the attacks we’ve seen to date and what do they tell us about what’s to come? Check out this slide show for an answer to those questions. 

The Good, Bad and Ugly of Vulnerability Markets

In-brief: Markets for information on software vulnerabilities are good for security. But they can also raise moral and ethical quandaries, especially in an age of cyber physical risks, argues Cisco’s Marc Blackmer.

New Stuxnet-Like Industrial Control System Malware Ups The Ante

In-brief: Security firm FireEye is claiming to have discovered proof-of-concept malicious software that targets industrial control systems software that is used to operate critical infrastructure worldwide. 

Russian Firm Alleges 15 Year NSA Cyberespionage Campaign

In-brief: Kaspersky Lab issued a report Monday alleging its researchers discovered evidence of a long-running cyber espionage campaign with links to the U.S. government and National Security Agency. 

Regin Espionage Tool Active since 2008 | Symantec Connect

Symantec on Sunday published research describing a new family of malware that it claims has been circulating, quietly, for close to six years. (Gulp!) According to a post on Symantec’s Security Response blog, Regin infections have been observed as far back as 2008, but the malware went quiet after about 2011, only to resurface in 2013 in attacks on a wide range of targets including private and public entities and research institutes. Symantec also observed the malware used in attacks on telecommunications firms and say it appears the malware was being used “to gain access to calls being routed through their infrastructure.”   In a separate research paper, Symantec describes the malware, dubbed “Backdoor.Regin” as a multi-staged threat that uses encrypted components – installed in a series of stages – to escape detection. The key the malware’s stealth is compartmentalization, Symantec found: “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible […]