What are you doing to keep Duqu from affecting your network?

bralphye

There have many stories about Duqu, and how sophisticated of a security threat it is. It has been on TV news, in tech magazines, pretty much everywhere. Are you taking any special precautions to specifically to keep Duqu from affecting your company network, or your home PC for that matter?

Topic: Security
Answer this Question

Answers

2 total
JOiseau
Vote Up (19)

 

I think a lot of the concern is driven by the press at the moment.  We installed the hotfix that Microsoft released last week.  Other than that, we have just followed our standard security practices.  All of our updates are current, but that is SOP.  Hopefully, this will be sufficient for the moment, but I am aware that there are a few duqu specific steps we could also take.  It seems that duqu has had quite specific targets, and since we aren't in the nuclear power business or industrial control manufacturers, I think we are ok.  Also, from what I understand, Duqu has essentially ran its course, and was only active for a set period last August.  I realize that there may be subsequent variables, but the alarm has been sounded and the weaknesses exploited by Duqu identified.

 

If you are really worried about it, I saw that there is a free Duqu detector available.

http://www.fiercecio.com/techwatch/story/free-duqu-detector-toolkit-rele...

 

jimlynch
Vote Up (14)

Hi bralphye,

I run Linux and Mac OS X, so it's not a problem for my computers. However, it's certainly good to be aware of it. Computer World has a pretty good FAQ about Duqu that you might want to read.

FAQ: What's the big deal about Duqu?
http://www.computerworld.com/s/article/9221817/FAQ_What_s_the_big_deal_a...

" The recently discovered Duqu Trojan has received considerable attention from the security research community. Here's why. What is Duqu? It's a Remote Access Trojan (RAT) that is designed to steal data from computers it infects. It was discovered by the Laboratory of Cryptography and Systems Security (CrySys) at Budapest University.

RATs are pretty common these days. Why is so much attention to Duqu? Duqu is believed to have been created by the same people who wrote Stuxnet, the worm that was used to disrupt operations at Iran's Natanz nuclear facility last year. A lot of security analysts believe that it is a precursor to the next Stuxnet and poses a grave threat to the industrial control systems that manage equipment at critical infrastructure facilities such as power plants and water treatment facilities."

Ask a question

Join Now or Sign In to ask a question.
A banking trojan, known for its small size but powerful capabilities, has expanded the number of financial institutions it can collect data from, according to security vendor Avast.
It's not easy to figure out if your data has been collected by hackers, but an online tool has been expanded to hunt through one of the most prolific sources of leaked data, known as "pastes."
In the boardroom, when it comes to addressing the topic of security, there's tension on both sides of the table.
Miffed certificate authorities are calling on Google to give websites more time to upgrade the security used in browser-to-server communications before displaying warnings in Chrome.
What goes through the mind of a CSO/CISO upon being told by his or her team that their organization has been breached?
A security researcher has found that the malware used in the Home Depot and Target breaches are unrelated and cannot be used as an indicator that the same group is behind the attacks.
As VMware sells its network virtualization software, it's finding that security is a big driver for adoption.
Google fielded 19 percent more requests from the U.S. government for data on its users in the first half of this year compared to the second half of last year, the company said Monday.
What should happen to your personal digital communications -- emails, chats, photos and the like -- after you die? Should they be treated like physical letters for the purposes of a will?
A software development project launched Monday aims to create free tools that simplify the encryption of online forms of communication like email, instant messaging, SMS and more by solving the complexity associated with the exchange and management of encryption keys.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+