Cryptographic attacks

Stuxnet

Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency. Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes including gas centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet's design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in factory assembly lines or power plants), most of which are in Europe, Japan, and the United States. Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges. Targeting industrial control systems, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade. Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, to prevent detection of Stuxnet. It is typically introduced to the target environment via an infected USB flash drive, thus crossing any air gap. The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users. (Wikipedia).

Stuxnet
Video thumbnail

HackTheBox Walkthrough - Devel

In this video, I will be showing you how to pwn Develon HackTheBox. 📈 SUPPORT US: Patreon: https://www.patreon.com/hackersploit Merchandise: https://teespring.com/en-GB/stores/hackersploitofficial SOCIAL NETWORKS: Reddit: https://www.reddit.com/r/HackerSploit/ Twitter: https://twitter.co

From playlist HTB

Video thumbnail

27c3: Adventures in analyzing Stuxnet

Speakers: Bruce Dang, Peter Ferrie There has been many publications on the topic of Stuxnet and its "sophistication" in the mainstream press. However, there is not a complete publication which explains all of the technical vulnerability details and how they were discovered. In this talk,

From playlist 27C3: We come in peace

Video thumbnail

Our Content Is Now On LBRY

In this video, I discuss the recent changes to the YouTube algorithm, community guidelines and how it has affected cybersecurity content creators. Our content is now available on LBRY, a decentralized video sharing platform with no restrictions and censorship. LBRY Channel: https://lbry.t

From playlist Announcements

Video thumbnail

Recon-ng V5 - Web Interface

In this video, I take a look at the Recon-ng V5 web interface. Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open-source web-based reconnaissance quickly and thoroughly. 📈 SUPPORT US: Patreon: https://www.patreon

From playlist Recon-ng V5

Video thumbnail

Got Citrix Hack It! 5/5

Speaker: Shanit Gupta clip 5/5

From playlist ShmooCon 2008

Video thumbnail

HackTheBox Walkthrough - Legacy

In this video, I will be showing you how to pwn Legacy on HackTheBox. 📈 SUPPORT US: Patreon: https://www.patreon.com/hackersploit Merchandise: https://teespring.com/en-GB/stores/hackersploitofficial SOCIAL NETWORKS: Reddit: https://www.reddit.com/r/HackerSploit/ Twitter: https://twitter.

From playlist HTB

Video thumbnail

How To Build An integration With Steemit Using Facebook's JS SDK | Introduction | #programming

Don’t forget to subscribe! In this project series, you will learn to build an integration with Steemit using Facebook’s JavaScript SDK. Using the Facebook JavaScript SDK and the methods concerning Facebook pages, we'll integrate these pages with a given Steemit account to earn blockchain

From playlist Build An integration With Steemit Using Facebook's JS SDK

Video thumbnail

Five Horrible Computer Viruses That Will Ruin You

You may have heard of the more common computer viruses, but these 5 are a few more extra dangerous viruses you REALLY do not want on your computer. From taking your files ransom to foiling uranium enrichment, Hank will teach you a little more about these viruses in a fun new episode of Sci

From playlist Uploads

Video thumbnail

DEFCON 19: An Insider's Look at International Cyber Security Threats and Trends

Speaker: Rick Howard Verisign iDefense General Manager Verisign iDefense General Manager, Rick Howard, will provide an inside look into current cyber security trends with regard to Cyber War, Cyber Hacktivism, and Cyber Espionage. In this presentation Rick will discuss the current capabil

From playlist DEFCON 19

Video thumbnail

27c3: Building Custom Disassemblers (en)

Speaker: FX of Phenoelit Instruction Set Reverse Engineering The Reverse Engineer occasionally faces situations where even his most advanced commercial tools do not support the instruction set of an arcane CPU. To overcome this situation, one can develop the missing disassembler. This

From playlist 27C3: We come in peace

Video thumbnail

a real vlog: Channel update, Duqu and Derbycon

DerbyCon playlist: http://bit.ly/derby_con Articles about Duqu: Son of Stuxnet Found in the Wild on Systems in Europe: http://bit.ly/pfgD3u Symantec Security Response: W32.DUQU The precursor to the next Stuxnet : http://bit.ly/pePf0U The Day of the Golden Jackal -- The Next Tale in the

From playlist Vlogs

Video thumbnail

Vlog: CIC News 4-3-2012: Fmr. CIA head calls Stuxnet virus good idea

Fmr. CIA head calls Stuxnet virus "good idea" http://bit.ly/recart040312

From playlist Vlogs

Video thumbnail

DeepSec 2010: Cyberwar on the Horizon

Thanks to the DeepSec organisation for making these videos available and let me share the videos on YouTube. Speaker: Stefan Schumacher | www.kaishakunin.com Cyber War has been defined by Richard A. Clarke as --actions by a nation-state to penetrate another nation's computers or networks

From playlist DeepSec 2010

Video thumbnail

How To Build An integration With Steemit Using Facebook's JS SDK | Session 05 | #programming

Don’t forget to subscribe! In this project series, you will learn to build an integration with Steemit using Facebook’s JavaScript SDK. Using the Facebook JavaScript SDK and the methods concerning Facebook pages, we'll integrate these pages with a given Steemit account to earn blockchain

From playlist Build An integration With Steemit Using Facebook's JS SDK

Video thumbnail

How to use HTC Vive with Google Earth

Some basic controls when you use HTC Vive to fly in Google Earth.

From playlist Unboxing / Product Reviews

Video thumbnail

Threats of cyber warfare

Support CaspianReport on Patreon: https://www.patreon.com/CaspianReport Follow Nathan on Twitter: https://twitter.com/NathanAB_ WASHINGTON - Over the last decade, high profile cyber attacks have steadily increased among national governments such as the United States, China, Russia, Israe

From playlist Technology

Video thumbnail

Malware Analysis With Ghidra - Stuxnet Analysis

Hey guys! HackerSploit here back again with another video, in this video, Amr will be reviewing the new Ghidra reverse engineering and analysis tool while analysing Stuxnet to demonstrate it's featureset. Learn malware analysis: Webinar: https://maltrak.com/malware_analysis_webinar Stuxne

From playlist Malware Analysis

Video thumbnail

DeepSec 2010: Malware World 2010 - Beware the Predators

Thanks to the DeepSec organisation for making these videos available and let me share the videos on YouTube. Speaker: Toralv Dirro, McAfee Labs Malware is still on the rise, numbers are growing, but everyone knows that. So we try to take a look behind the obvious to find the reasons for

From playlist DeepSec 2010

Video thumbnail

How To Build An integration With Steemit Using Facebook's JS SDK | Session 02 | #programming

Don’t forget to subscribe! In this project series, you will learn to build an integration with Steemit using Facebook’s JavaScript SDK. Using the Facebook JavaScript SDK and the methods concerning Facebook pages, we'll integrate these pages with a given Steemit account to earn blockchain

From playlist Build An integration With Steemit Using Facebook's JS SDK

Video thumbnail

4.10 Excursion Advanced Persistent Threat

From playlist Internet Security for Beginners by Dr. Christoph Meinel

Related pages

Regin (malware) | Code signing | Duqu | DigiNotar | Digital signature | Man-in-the-middle attack | Rootkit | Hertz | Verisign | Public key certificate | Flame (malware)