Why the Stuxnet worm is like nothing seen before

Stuxnet is a Windows-specific computer worm first discovered in June 2010 by VirusBlokAda, a security firm based in Belarus. It is the first discovered worm that spies on and reprograms industrial systems. It was specifically written to attack Supervisory Control And Data Acquisition (SCADA) systems. Stuxnet exploits the known windows vulnarabilities and implants the malicious code on target system which then reprograms the programmable logic controllers (PLCs) and hide the changes. It is the first-ever computer worm to include a PLC rootkit.  Furthermore the worm's probable target has been said to have been high value infrastructures in Iran using Siemens control systems. It has also been said that the infestation by this worm might have delayed the start up of Iran's Bushehr nuclear power plant. Kaspersky Labs has released a statement that Stuxnet will lead to creation of a new arms race in the world, while noting that the infections in Iran are off the charts. Stuxnet could make Iran the first victim of cyber warfare in history.


More about Stuxnet

Phishing and New Mozilla Account Manager add-on

Phishing is all about deception. Check out Aza's blog post which talks about one such interesting way. Finally the post boils down to publicize the new Mozilla's Account manager add-on. http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/ This add-on sounds like another form of open-ID implementation, with no cloud footprint and with its own spec. Still in the beta phases this feature might get included in the firefox browser soon. With this user security is as good as the security of the local data (to be more specific the Mozilla's security manager). Integration of this with One time password is a good to have. More Reading http://www.mozilla.com/en-US/firefox/accountmanager/ https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager