news

New means through which the Stuxnet worm, which is able to infect industrial facilities and take over their control systems, spreads have been identified. According to Symantec analysts, Stuxnet is able to reinfect previously disinfected Windows systems that are running Siemens STEP 7 industrial automation software by writing itself into the project folders created by the development environment for STEP 7 programmable logic controllers. The worm modifies certain files and saves infected DLLs, some of them encrypted.

Through a mechanism comparable to that exposed by the Windows DLL search path vulnerability disclosed in August, when a STEP 7 project with a dormant infection is opened the library is loaded. This DLL then decrypts and launches the actual Stuxnet library. The result is reinfection. Forwarding of project folders can also lead to infection.

The Unique Identification Authority of India has long emphasized that the focus of the Aadhaar number is on giving the poor and marginalized in India their first clear, easily verifiable, mobile identity.

Ranjna Sadashiv Sonwane, a tribal woman from Tembhali village in Nandurbar, in the western state of Maharashtra, became the first recipient of the Aadhaar number under the Unique identification project. Ranjna received the Aadhaar (the UID brand) letter from Prime Minister Dr. Manmohan Singh on Thursday, the day he launched the initiative nationally.

Ranjna’s letter marks the point where the Aadhaar initiative transforms from a technology concept to an on the ground reality. Ranjna had enrolled with her five-year old son Hitesh, who was the second person to receive the Aadhaar letter. For Hitesh, Aadhaar will be his first proof of identity.

A major new malware spam campaign mimicking invites sent via business networking site LinkedIn.com leverages user trust and a kitchen sink of browser exploits in a bid to install the password-stealing ZeuS Trojan.

The spam campaign began Monday morning, according to security experts at networking giant Cisco Systems, and for a while the fake LinkedIn invitations accounted for as much as 24 percent of all spam. Recipients who click links in the message are taken to a Web page that reads, “Please Waiting, 4 seconds,” and then sent on to Google.com.

On the way to Google, however, the victim’s browser is silently passed through a site equipped with what appears to be the SEO Exploit Pack, a commercial crimeware kit that tries to exploit more than a dozen browser vulnerabilities in an attempt to install ZeuS.