[ISN] Iranian CERT Takes Center Stage With Flame

From: InfoSec News <alerts_at_private>
Date: Thu, 31 May 2012 04:19:48 -0500 (CDT)

By Kelly Jackson Higgins
Dark Reading
May 30, 2012

Mostly overshadowed by this week's discovery of Flame, the massive 
cyberespionage toolkit, was how Iran's Computer Emergency Response Team 
(CERT) took an unprecedented lead role in disseminating information on 
the infection worldwide and released a removal tool.

For the most part, the organization has kept a low global profile. But 
the Iranian CERT's reaching out to security vendors with information it 
had on the Flame malware kit came as surprise to many, and appears to 
reflect a shift in how the CERT publicly handles targeted attacks and 
other cyberthreats.

"Iran's CERT seems to be more engaged with the rest of the world than 
the Iranian government," says Jeffrey Carr, CEO of Taia Global. "Like 
you'd expect from a CERT, actually."

The Iran National CERT, also known as MAHER, contacted various antivirus 
vendors with information on Flake -- malware it had been analyzing for 
months. A member of the CERT, who declined to discuss details of the 
effect of the attack on Iranian organizations, said in an email response 
that the CERT had sent AV vendors samples of Flame to alert them and to 
"help in solving a cyber threat."


Help InfoSec News with a Donation
Received on Thu May 31 2012 - 02:19:48 PDT

This archive was generated by hypermail 2.2.0 : Thu May 31 2012 - 02:14:53 PDT