mercredi 30 mars 2011

Analyzing a Stuxnet Infection with the Sysinternals Tools

Lecture obligatoire des billets de Mark Russinovich...

-> Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 1
(guettez la suite)

Wikipedia, the free encyclopedia

Stuxnet is a Windows
computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that hackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

The worm initially spreads indiscriminately, but includes a highly specialized malware payload that is designed to target only
Siemens Supervisory Control And Data Acquisition (SCADA) systems that are configured to control and monitor specific industrial processes. Stuxnet infects PLCs by subverting the Step-7 software application that is used to reprogram these devices.
Different variants of Stuxnet targeted five Iranian organisations...
~~ édition
Voici la vidéo d'une présentation d'une heure par Bruce Dang & Peter Ferrie de MSRT sur Stuxnet.
-> Adventures in Analyzing Stuxnet


Aucun commentaire:

Enregistrer un commentaire