The Day The Stuxnet Died

Deep inside one of Stuxnet’s configuration blocks, a certain 8 bytes variable holds a number which, if read as a date, points to June 24th, 2012. This is actually the date when Stuxnet’s LNK replication sub-routines (https://securelist.com/myrtus-and-guava-episode-1/29614/) stop working and the worm stops infecting USB memory sticks. Read Full Article

New APT Attack Shows Technical Advance in Exploit Development

Recently, we came by an interesting targeted attack which was evading most antivirus products. This is a recent spearphish targeting various Tibetan and human rights activists. It demonstrates the level of effort put into infiltrating their groups with some unique characteristics, relative to the many other exploits targeting CVE-2012-0158. Here’s how such e-mails appear:

Read Full Article

Patch Tuesday June 2012 – IE Client Side and RDP Exposures, 27 Other Vulnerabilities

Microsoft released a set of five bulletins, patching 29 total software vulnerabilities. Multiple remote code execution holes are being patched, but the two most urgent are the Internet Explorer and Remote Desktop Protocol updates. Almost half of the 29 vulnerabilities being patched this month are maintained in versions 6, 7, 8, and 9 of Internet Explorer code, all patched with Security Bulletin MS12-037. Read Full Article