Speaking at the S4ICS conference in Miami, FL on Wednesday, Ralph Langner described Stuxnet as a long-term Man-in-the-Middle attack rather than a short-term virus attack.
Stuxnet is a two-step malware product that first infects Windows systems, then attacks Siemens System 7 PLC units, such as those being used in Iran for nuclear research. Langner, a security researcher who knows more about Stuxnet code than practically anyone else, was quoted as saying, "we are 100 percent confident that Stuxnet's target was the Natanz enrichment plant in Iran."Read More
Security researcher Luigi Auriemma has unearthed a few more SCADA vulnerabilities, most affect the Human–machine interface (HMI) systems. As a result US-CERT has published alerts much like this one for all of Auriemma's new vulnerabilities. This is becoming a standard drill for the ICS industry.Read More