The Hacker News - Cybersecurity News and Analysis: stuxnet malware

Security researchers have discovered a sophisticated piece of malware that uses tricks from the Stuxnet sabotage malware and is specifically designed to target industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Researchers at the security firm FireEye Labs Advanced Reverse Engineering said on Thursday that the malware, dubbed " IRONGATE ," affects Siemens industrial control systems. The malware only works in a simulated environment and is probably just a proof-of-concept that is likely not used in wild; therefore is not yet advanced enough to impact real-world systems . The Irongate malware "is not viable against operational Siemens control systems," the cybersecurity firm said in its blog post , and the malware "does not exploit any vulnerabilities in Siemens products." The researchers found this malware fascinating due to its mode of operation that included some Stuxnet-like behavior. The Stuxnet sab

Microsoft has come up with its most important Patch Tuesday for this year, addressing the recently disclosed critical the FREAK encryption-downgrade attack , and a separate five-year-old vulnerability leveraged by infamous Stuxnet malware to infect Windows operating system. Stuxnet malware , a sophisticated cyber-espionage malware allegedly developed by the US Intelligence and Israeli government together, was specially designed to sabotage the Iranian nuclear facilities a few years ago. First uncovered in 2010, Stuxnet targeted computers by exploiting vulnerabilities in Windows systems. Thankfully, Microsoft has issued a patch to protect its Windows machines that have been left vulnerable to Stuxnet and other similar attacks for the past five years. The fixes are included in MS15-020 which resolves Stuxnet issue. The company has also issued an update that patches the FREAK encryption vulnerability in its SSL/TSL implementation called Secure Channel (Schannel). The fix