I just posted a video walking through the stuxnet exploit and how it can impact endpoints simply by viewing the site and how a strong application whitelisting solution like BOUNCER stops this.
This attack is a good illustration of a vulnerability that affects all versions of Windows and was specifically targeting SCADA environments. More specifically it affects any systems that use shortcuts.
While antivirus companies scramble for a fix to the latest threat of the day, it seems to make more sense to look for security solutions that defend against these sorts of attacks proactively.
Greg, Good video. Additional information would have been to show the log from the client system to show that the DLL/application was blocked.
Thanks for the video.
Daniel.
[...] specialist at Offensive Computing, LLC. The most recent example is the latest incarnation of the Stuxnet worm, which uses techniques to evade antivirus detection and install itself on Windows syste… The good news for networks protected by CoreTrace’s BOUNCER application whitelisting solution, [...]