Submitted by Eric Byres on Mon, 2010-10-25 11:27
Stuxnet Mitigation Matrix Updated
This is a short note to let you know that we have updated our Stuxnet Mitigation Matrix to version 1.1, based on feedback from our readers.
The new version addresses the need to test and/or confirm all mitigations, including firewalling the Remote Procedure Call (RPC) protocol.
Submitted by Eric Byres on Thu, 2010-10-21 10:49
Our goal with this blog is to provide you with practical information to help you avoid network incidents that disrupt operations.
With this in mind, today we are releasing a Stuxnet Mitigation Matrix that presents easy-to-follow actions to take against Stuxnet.
Stuxnet Mitigation Matrix by Tofino Security is a printable version of the mitigation matrix that includes dynamic links to detailed information on each of the patches and mitigations.
Submitted by Eric Byres on Thu, 2010-10-14 17:18
Last week, Rick Kaun in his blog “[In]security Culture”, blasted the “security vendors” who were claiming that if the ICS/SCADA world used their offering, we would have avoided the whole Stuxnet mess. As Rick very correctly points out, this is complete rubbish - there is no silver bullet for security in general, but in the Stuxnet case it is dangerously inaccurate.
Submitted by Eric Byres on Fri, 2010-10-01 12:26
I have just come back from three very interesting presentations by Symantec, Microsoft and Kaspersky Labs at the Virus Bulletin 2010 conference. For two hours they discussed their latest findings on Stuxnet, the PLC/SCADA-targeting worm of the decade.
