VB Migration

Tag: duqu

  • VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

    IT security research stumbled into the world of nation-state intelligence operations more or less by accident. In a now classic VB2015 paper , Juan Andres Guerrero-Saade discussed this shift from security research to intelligence brokerage and what this implied. Juan Andres has been a regular speaker at the VB conference since then, and has given…

  • VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

    IT security research stumbled into the world of nation-state intelligence operations more or less by accident. In a now classic VB2015 paper , Juan Andres Guerrero-Saade discussed this shift from security research to intelligence brokerage and what this implied. Juan Andres has been a regular speaker at the VB conference since then, and has given…

  • Duqu 2.0 found to target security company

    Advanced malware also targeted venues linked to Iranian nuclear negotiations. There are some security stories you couldn’t make up. The authors of an advanced malware tool have used a new version of that same tool to target a security company that played a prominent role in the discovery and analysis of the original version of…

  • Flame worm one of the most complex threats ever discovered

    Malware possibly used for cyber-espionage. The jury is out on whether ‘Flame’ (also known as ‘Flamer’ or ‘Skywiper’) is ‘the most lethal cyberweapon to date’ as some have claimed , or just a highly complex and sophisticated piece of malware. But simply from looking at the volume of security vendors’ blog posts dedicated to the…

  • ‘Son of Stuxnet’ trojan found

    ‘Duqu’ used in targeted attacks to steal specific information. Researchers at both Symantec and McAfee have discovered a new Remote Access Trojan (RAT) with strong links to Stuxnet being used in some highly targeted attacks. The trojan, which has been named ‘Duqu’ after the files with prefix ~DQ it creates, shares source code with Stuxnet…