Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Four-year old flaw exploited by Stuxnet still targeted

Four-year old flaw exploited by Stuxnet still targeted

2014/08/18

Securityweek - (International) Kaspersky Lab researchers found that vulnerability CVE-2010-2568 leveraged in the Stuxnet attacks was still present on many systems 4 years after it was patched, with tens of millions of exploits targeting the vulnerability observed between November 2013 and June 2014. The researchers also found that other older vulnerabilities are still frequently targeted, and that around 53 percent of 15.06 million detected exploits targeted Java vulnerabilities. [ed.: for more on this Microsoft vulnerability, see here and here; this is a perfect example of the need to stay on top of your patching!]

Source: http://www.securityweek.com/four-year-old-flaw-exploited-stuxnet-still-targeted

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:21:24