Threat of the month

Share this article:
What is it?

In July, the new Stuxnet malware was found to use legitimately signed files in the targeted attack of SCADA control systems. Although the signature was reportedly expired, it is clear evidence that a digital signature can be “compromised” if enough resources are applied.

Following that, in August, a new variant of Alureon, a popular rootkit, was found to evade driver signing and kernel patch protection built into Windows 64-bit operating systems. This event demonstrates how the security controls can be bypassed by infecting the master boot record and executing the malicious code before the operating system's security controls can establish themselves.

How can I prevent it?
Those behind these malwares have the means and motivation to succeed. As a global IT community, we must be aware of these advanced threats targeting our environments. Further, we must find
ways to employ additional layers of control to limit the opportunity for
compromise.

— Don DeBolt, director of threat research, CA Technologies
Share this article:

Sign up to our newsletters

More in Opinions

An IT lens on data breach response

An IT lens on data breach response

This heightened awareness regarding data breach response time has created an interesting dynamic for security professionals.

Ensuring your developers love - or at least don't hate - security

Ensuring your developers love - or at least ...

The relationship between development and security doesn't need to be hostile, and there are ways to engage developers more with security.

Backing diversity lowers the bar?

Backing diversity lowers the bar?

Many groups have striven to cultivate a more welcoming workplace, says Alison Gianotto.