9/24/2010 8:14 AM | |
Posts: 947 Rating: (45) |
Stuxnet injects Step7 code into OB 35. See detailshttp://www.langner.com/en/index.htm |
This contribution was helpful to8 thankful Users |
9/24/2010 2:32 PM | |
Joined: 9/27/2006 Last visit: 9/22/2024 Posts: 12282 Rating: (2685)
|
hello gre_M; Thanks for the look-ahead. Information on Siemens' website concerning Stuxnet and its controllers also reflect similar information: How is it possible to say whether an automation system corresponds to the specific program pattern and what counter-measures recommended are?
http://support.automation.siemens.com/WW/view/en/43876783 |
9/24/2010 7:39 PM | |
Joined: 9/27/2006 Last visit: 9/22/2024 Posts: 12282 Rating: (2685)
|
Hello all; Anyoneintrigued bythe way Stuxnet is attacking Step 7 software and S7 PLCscould be interested in the following articles from Symantec: http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process http://www.symantec.com/connect/blogs/stuxnet-lnk-file-vulnerability http://www.symantec.com/connect/blogs/stux-be-you They are preparing a whitepaper collecting as much data as they can gather on Stuxnet for Sept. 29. I know I'll be watching their website. Hope this helps, Daniel Chartier |
This contribution was helpful to1 thankful Users |
9/25/2010 3:59 PM | |
Posts: 947 Rating: (45) |
You can see blogAleks: Myrtus_and_Guava. This is very interesting: http://www.securelist.com/en/blog/269/Myrtus_and_Guava_Episode_1 http://www.securelist.com/en/blog/271/Myrtus_and_Guava_Episode_2 http://www.securelist.com/en/blog/272/Myrtus_and_Guava_Episode_3 http://www.securelist.com/en/blog/280/Myrtus_and_Guava_Episode_4 http://www.securelist.com/en/blog/283/Myrtus_and_Guava_Episode_5 http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061 Additional info: Stuxnet Infection of Step 7 Projects http://www.symantec.com/connect/blogs/stuxnet-infection-step-7-projects |
Last edited by: gre_m at: 10/1/2010 8:21 AMsee new info Last edited by: gre_m at: 10/1/2010 8:20 AM |
|
10/1/2010 8:29 AM | |
Posts: 947 Rating: (45) |
Additional info: Stuxnet Infection of Step 7 Projects http://www.symantec.com/connect/blogs/stuxnet-infection-step-7-projects Previus info in post /tf/WW/en/Posts/48878 |
10/10/2010 6:12 PM | |
Posts: 947 Rating: (45) |
stuxnet from Wikipedia http://en.wikipedia.org/wiki/Stuxnet |
Last edited by: gre_m at: 10/10/2010 6:12 PM |
|
10/12/2010 3:11 PM | |
Joined: 9/17/2008 Last visit: 8/15/2024 Posts: 49 Rating: (4) |
i dont understand why Siemens isn't providing more information. |
10/12/2010 8:11 PM | |
Joined: 9/27/2006 Last visit: 9/22/2024 Posts: 12282 Rating: (2685)
|
Hello dmelliot; Siemens has been keeping us informed, for example in the following link in Product Support: http://support.automation.siemens.com/WW/view/en/43876783 SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan Important links:
Agreed, the last post here is from October 1st, but with other information available for example on Symantec's site we should be able to start protecting our systems, now.. |
10/13/2010 8:42 AM | |
Posts: 947 Rating: (45) |
Additional info: page with security path from Microsoft http://www.microsoft.com/technet/security/current.aspx /tf/WW/en/Posts/49538#top |
Last edited by: gre_m at: 10/14/2010 7:36 PMLast edited by: gre_m at: 10/13/2010 8:44 AM |
|
10/21/2010 3:36 PM | |
Posts: 947 Rating: (45) |
Hello dmelliot see post Stuxnet in action. This is flash-videowith Siemens on title /tf/WW/en/Posts/49814#top |
10/22/2010 9:38 AM | |
Posts: 147 Rating: (34) |
Microsoft doing the exact same thing with the 0day vulnerabilities that half (i.e. 2 out of 4) remain - as of the time of writing - still unpatched. (probably they knew about - probably they didn't) Government organizations are not disclosing any findings. (http://www.abdolian.com/thoughts/?p=4270) Well, it seems to me that this "confidentiality" is not working, since it is the reason Stuxnet succeed. Stuxnet is not only exploiting software vulnerabilities. Stuxnet is exploiting the way industries are thinking. |
Follow us on