Don’t Get Caught In The Crossfire

The Duqu virus is squarely aimed at Iran’s nuclear program. Unless you’re connected with Iran’s nuclear program, your chances of being directly targeted are extremely low. However, Microsoft was freaked out enough to issue a security bulletin for Windows users. So, better safe than sorry, protect yourself against the possibility of becoming collateral damage in an epic, upcoming attack.

Microsoft issues Duqu virus workaround for Windows

Microsoft has issued a temporary fix to the pernicious Duqu virus — also known as “Son of Stuxnet” — which could affect users of Windows XP, Vista, Windows 7 as well as Windows Server 2008.

The company promised the security update earlier this week as it races to deal with the virus, which targets victims via email with a Microsoft Word attachment. The virus is not in the email, but in the attachment itself. A Symantec researcher said if a user opens the Word document, the attacker could take control of the PC, and nose around in an organization’s network to look for data, and the virus could propagate itself.

See also:
Microsoft Security Advisory (2639658)
Microsoft software bug linked to ‘Duqu’ virus
Microsoft Provides Workaround Patch for Duqu Malware
Microsoft announces workaround for the Duqu exploit
Microsoft Issues Temporary Duqu Workaround, Plans 4 Patch Tuesday Fixes
Six Ways to Protect Yourself from Duqu
Microsoft Airs Temporary Fix to Defeat Duqu Worm
Microsoft Releases Temporary Plug For Duqu
Duqu exploits same Windows font engine patched last month, Microsoft confirms
5 Things To Do To Defend Against Duqu
Microsoft issues temporary ‘fix-it’ for Duqu zero-day
Patch Tuesday: Fix for ‘Duqu’ zero-day not likely this month

Is it just me or doesn’t it seem a bit more than odd that Microsoft, a company with close ties to and a past history of working with U.S. intelligence agencies, would publicly issue a workaround to defend against a specific piece of malware that, by many accounts, is being actively and currently used by U.S. intelligence agencies to set up and facilitate an upcoming attack, in cyberspace or otherwise, against Iran’s nuclear program? I mean, it’s not like the Iranians can’t read English, why help them defend against Duqu? Hmmm, something’s not quite right here.

/whatever’s going on, and something is going on, it’s way above my pay grade, but when the endgame comes, don’t forget to duck

Advertisements

Caught Stealing . . . Again

I thought cyberattacks were supposed to considered acts of war, how long are we going to just keep bending over for this threat to national security behavior?

Chinese Hackers Target Chemical Companies

Chinese hackers tried to penetrate the computer systems of 48 chemical and military-related companies in a late summer cyber attack to steal design documents, formulas and manufacturing processes, a security firm reported Tuesday.

The attack ran from late July to mid-September and appeared to be aimed at collecting intellectual property for competitive advantage, reported Symantec, which code-named the attack Nitro, because of the chemical industry targets. Hackers went after 29 chemical companies and 19 other businesses that made advanced materials primarily used in military vehicles.

See also:
The Nitro Attacks
Stealing Secrets from the Chemical Industry

Nitro Attack: Points of interest
“Nitro” spear-phishers attacked chemical and defense company R&D
‘Nitro’ Cyber-Spying Campaign Stole Data From Chemical, Defense Companies
‘Nitro’ Hackers Rifle Through Chemical Companies’ Secret Data
Report: Chinese hackers launched summer offensive on US chemical industry
‘Nitro’ Hackers Reportedly Attack Dozens of Companies in Chemical, Defense Industries
Chemicals and defence firms targeted by hacking attack
Dozens of chemical firms hit in espionage hack attack
“Nitro” attacks target 29 firms in chemical sector
‘Nitro’ hackers use stock malware to steal chemical, defense secrets
‘Nitro’ Hackers Steal Chemical Company Secrets
Nitro Malware Targeted Chemical Companies
Cyber attacks on chemical companies traced to China
Cyber Attacks on Chemical Firms Traced to Chinese Computers
Symantec uncovers cyber espionage of chemical, defense firms

You know, if we’re not going to treat these attacks as military in nature, which we should, the least we should do is take action against China for violation of international trade agreements, not to mention international law. For all the ‘fraidy cat, nervous Nellies who are so scared of engaging China in a trade war, what do you call these constant corporate espionage cyberattacks?

/China is not our friend

They Got Fooled Again

Much like the United States, Iran seems to have a real problem protecting its computer networks. Someone seems to be obsessed with sabotaging their nuclear program. I wonder who that might be?

Second computer virus infiltrates Iran’s computer systems

Iran has discovered a second computer virus designed to damage government computer systems.

The discovery of the virus, called Stars, was announced Monday by a senior Iranian official, Gholam-Reza Jalali, head of an Iranian cyberdefense agency, according to reports.

Jalali said in a statement that the damage from the virus, which looks like a regular government computer file, has been minimal and that Iranian scientists are currently studying the virus.

The virus was aimed at nuclear facilities, according to the Washington Post, and seems to suggest “a broader campaign by foreign saboteurs to undermine Iran’s atomic energy program.”

See also:
New Computer Strike Could Target Iranian Atomic Sites
Fresh Virus Outbreak Affects Iran’s Computer Systems
Iran discovers 2nd virus attack
New cyber attack targets Iran
Iran Claims Stars Virus a Second Cyber-Attack
Iranian official: New computer worm discovered
Iran investigates Stars virus
Iran Says It Was Targeted With Second Worm, Stars
As the Worm Turns: Iran Sees Stars
Iran says is uncovers second cyber attack
Iran Under Fresh Malware Attack
Security experts can’t verify Iran’s claims of new worm
Is the Stars Worm Just a Hoax?

Well, I certainly hope the Stars virus attack on Iran’s nuclear program isn’t a hoax and does as much damage as the Stuxnet worm, which was apparently wildly more effective than Iran is admitting to.

/you’ll note that Iran still hasn’t managed to power up the Bushehr reactor, which is as good a yardstick as any that their nuclear program has been ground to a halt