http://www.computerworld.com/s/article/9221702/Open_source_toolkit_finds_Duqu_infections

By Jeremy Kirk
IDG News Service
November 10, 2011

The lab credited with discovering the Duqu malware has built an open-source toolkit that administrators can use to see whether their networks are infected.

The Duqu Detector Toolkit v1.01 looks for suspicious files left by Duqu, which has created a buzz in the security community given its stealthy nature and some characteristics it shares with another famous piece of malicious software, Stuxnet.

The Laboratory of Cryptography and System Security (CrySys), part of Budapest University of Technology and Economics based in Hungary, wrote in its release notes that the toolkit, which is composed of four components, looks for strange files that mark an infection.

CrySys said that the toolkit should detect a real active Duqu infection, but it is possible to get a false positive, so it cautioned that administrators will need to analyze the results.

[...]

Received on Thu Nov 10 2011 - 22:58:13 PST