»Duqu, the so-called “son of Stuxnet” trojan, contains a dropper program that exploits a previously unknown vulnerability in the Windows kernel. This adds merit to security industry suspicions that Duqu is a sophisticated piece of malware, possibly containing underlying Stuxnet code. Analysts have suggested that Duqu was created to conduct reconnaissance of target industrial control systems, and may be a precursor to another Stuxnet-like attack.»Chinese officials have repudiated a report from the U.S.-China Economic and Security Review Commission accusing the country of attempted hacks into two U.S. government satellites in 2007 and 2008. Hong Lei, a spokesman for China's Foreign Ministry, said the draft report was “untrue and has ulterior motives,” according to published accounts. The report, to be released this month, said hackers interfered with a Landsat 7 earth observation satellite for 12 or more minutes in October 2007 and June 2008, and a Terra AM-1 satellite experienced 11 minutes of interference from 2007 to 2008.
»Researchers discovered a spike in malware infecting thousands of WordPress websites that use a popular image tool. The attacks came to light after The Poitou-Charentes Journal, a French media outlet, began hosting malicious code on its WordPress site. Jan Sirmer, a senior researcher at Avast, found attackers had exploited weak FTP server authentication credentials and a vulnerability in the TimThumb image resizer to upload malicious PHP files to the site. The attack used the BlackHole exploit kit, which redirected website visitors to an external malware-hosting site.
»A trojan that has been targeting Linux users for several years is now setting its sights on the Mac OS X. The so-called “Tsunami” backdoor trojan is derived from an older Linux malware family that has been around since at least 2002, according to Robert Lipovsky, researcher at anti-virus company ESET. It enables infected machines to participate in DDoS attacks intended to flood websites with traffic. The trojan also can be used to download additional malware and take control of an affected machine.
»Hackers targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property, such as design documents, formulas and manufacturing processes, according to Symantec. The affected firms, which were not identified, include Fortune 100 companies involved in research and development of chemical compounds and advanced materials. The attacks, dubbed “Nitro” by Symantec researchers, began in late July and continued into September.
»Researchers at security firm Websense reported that 62 percent of sites reached when making common misspellings for Facebook.com led to bot networks (24 percent), phishing sites (21 percent) or malware-serving sites (17 percent). Users also have been led to sites promoting sex or other objectionable material.
»Companies can spend up to a year, on average, to restore their reputation following a data breach, according to a new study by the Ponemon Institute. The survey of 843 executives found that an organization's brand value dropped between 17 to 31 percent following an incursion, depending on the type of information lost. Eighty-two percent of respondents said their company had experienced a breach involving sensitive or confidential information. Depending on the type of information lost in the theft, companies, on average, lost between $184 million to more than $330 million in the value of their brand.
» SC Magazine was named a “Spectacular IT Publication” by Bill Morton on the Masters of Information Technology website, www.mastersofinformationtechnology.com, which provides students with the information needed to pursue their master's degree in IT. We're honored. Thank you.