Here's the most recent timeline. Everything is in UTC (Zulu) time. *** UPDATED ON SATURDAY, AUGUST 6, 2011 *** +++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 8-Apr-2009 Electricity Grid in U.S. Penetrated By Spies; article discusses how foreign nationals are already within our infrastructures. URL: http://online.wsj.com/article/SB123914805204099085.html ================ 10-Apr-2009 (1200 hrs UTC) Just how vulnerable is the electrical grid? URL: http://news.cnet.com/8301-1009_3-10216702-83.html ================ Sometime in Jun-2009 Wikipedia outline of 'Stuxnet' URL: http://en.wikipedia.org/wiki/Stuxnet Is Stuxnet the 'best' malware ever? Supporting URL: http://www.infoworld.com/print/137598 ================ 24-Jun-2010 Realtek Semiconductor notified regarding signed digital signature keys by VirusBlokAda. URL: http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf URL: http://www.anti-virus.by/en/tempo.shtml ================ 12-Jul-2010 (1318 hrs UTC) Siemens was notified regarding the malware program by VirusBlokAda. URL: http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx (updated 21-Jul-2010) ** NOTE: Siemens now requires that you create an account and login to access any of their web site data. ** NOTE: Depending on which industry you are in, Siemens may/may not deny you access to this URL. ================ 13-Jul-2010 (updated 20-Jul-2010) Discussion about Rootkit.TmpHider malware on discussion forum. URL: http://www.wilderssecurity.com/showthread.php?p=1712146 Supporting PDF URL: http://www.wilderssecurity.com/attachment.php?attachmentid=219888&d=1279012965 ================ 15-Jul-2010 (1255 hrs UTC) Heise Security discloses about malware vulnerability discovery. URL: http://www.heise.de/newsticker/meldung/Trojaner-verbreitet-sich-ueber-neue-Windows-Luecke-1038281.html --- 15-Jul-2010 (1309 hrs UTC) European researcher posts article regarding malware advisory on SCADASEC. URL: http://news.infracritical.com/pipermail/scadasec/2010-July/001467.html --- 15-Jul-2010 (1608 hrs UTC) (updated 18-Jul-2010) US-CERT posts advisory regarding malware vulnerbaility. URL: http://www.kb.cert.org/vuls/id/940193 --- 15-Jul-2010 (1640 hrs UTC) (updated 20-Jul-2010) ICS-CERT posts advisory regarding malware vulnerability. URL: http://www.us-cert.gov/control_systems/pdf/ICSA-10-201-01%20-%20USB%20Malware%20Targeting%20Siemens%20Control%20Software.pdf (updated 20-Jul-2010) --- 15-Jul-2010 Frank Boldewin announces disclosure of malware software. URL: http://www.reconstructer.org/main.html URL: http://www.h-online.com/security/news/item/Trojan-spreads-via-new-Windows-hole-1038992.html (posted 15-Jul-2010 1628 hrs UTC) URL: http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/ (posted 15-Jul-2010 0524 hrs UTC, updated 16-Jul-2010 1149 hrs UTC) --- 15-Jul-2010 Slashdot reports about the malware vulnerability. URL: http://it.slashdot.org/submission/1283670/Malware-Targets-Shortcut-Flaw-in-Windows-SCADA (posted 15-Jul-2010 1826 hrs UTC) URL: http://it.slashdot.org/story/10/07/15/1955228/Malware-Targets-Shortcut-Flaw-In-Windows-SCADA (updated 15-Jul-2010 2109 hrs UTC) ================ 16-Jul-2010 (updated 20-Jul-2010) Microsoft posts security advisory. URL: http://www.microsoft.com/technet/security/advisory/2286198.mspx --- Security Advisory 2286198 Released Supporting URL: http://blogs.technet.com/b/msrc/archive/2010/07/16/security-advisory-2286198-released.aspx --- 16-Jul-2010 (2310 hrs UTC) Microsoft provides insight regarding Stuxnet viruses. URL: http://blogs.technet.com/b/mmpc/archive/2010/07/16/the-stuxnet-sting.aspx --- 16-Jul-2010 (0008 hrs UTC) ZDnet UK reports malware as "rootkit" going after Indian and Iraqi systems. URL: http://www.zdnet.co.uk/news/security/2010/07/16/spy-rootkit-goes-after-key-indian-iranian-systems-40089564/ --- 16-Jul-2010 SANS announces potential discovery of vulnerability in Windows "LNK" files. URL: http://isc.sans.edu/diary.html?storyid=9181 (updated 18-Jul-2010 2117 hrs UTC) -- 16-Jul-2010 (1038 UTC) Windows Shortcut Flaw underpins power plant Trojan URL: http://www.theregister.co.uk/2010/07/16/windows_shortcut_trojan/ ================ 17-Jul-2010 (2016 hrs UTC) Verisign revokes certificates used by Stuxnet malware. URL: http://threatpost.com/en_us/blogs/verisign-revokes-certificate-used-sign-stuxnet-malware-071710 ================ 19-Jul-2010 Siemens posts updated regarding security advisory. URL: http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx (updated 20-Jul-2010 2006 hrs UTC) ** NOTE: Siemens now requires that you create an account and login to access any of their web site data. ** NOTE: Depending on which industry you are in, Siemens may/may not deny you access to this URL. --- 19-Jul-2010 (2006 hrs UTC) SANS posts advisory regarding vulnerability. URL: http://isc.sans.edu/diary.html?storyid=9190 --- 19-Jul-2010 (2029 hrs UTC) Highly Dangerous Zero-day Windows Trojan Targets Espionage URL: http://www.networkworld.com/community/node/63863 --- 19-Jul-2010 (2257 hrs UTC) MSNBC and Reuters both report on the event/incident. URL: http://www.msnbc.msn.com/id/38315572 URL: http://www.reuters.com/article/idUSTRE66I5VX20100719 --- 19-Jul-2010 (0029 hrs UTC) Wired magazine reports regarding hard-coded passwords known for years in Siemens product. URL: http://www.wired.com/threatlevel/tag/siemens/ Alt URL: http://www.wired.com/threatlevel/2010/07/siemens-scada/ ================ 20-Jul-2010 (0847 hrs UTC) CNET reports about the malware vulnerability. URL: http://forums.cnet.com/5208-6132_102-0.html?messageID=3341877 --- 20-Jul-2010 (1300 hrs UTC) Another signed Stuxnet binary found. URL: http://www.f-secure.com/weblog/archives/00001993.html ================ 21-Jul-2010 Microsoft posts workaround for .LNK and .PIF file functionalities. URL: http://support.microsoft.com/kb/2286198 --- 21-Jul-2010 Siemens warns Stuxnet targets of Scada password risk URL: http://www.zdnetasia.com/siemens-warns-stuxnet-targets-of-scada-password-risk-62201491.htm Supporting URL: http://www.zdnet.co.uk/news/security-threats/2010/07/20/siemens-warns-stuxnet-targets-of-scada-password-risk-40089591/ (originally 20-Jul-2010) --- 21-Jul-2010 (120 hrc UTC) Details of the first-ever control system malware URL: http://news.cnet.com/8301-27080_3-20011159-245.html ================ 22-Jul-2010 (1446 hrs UTC) Microsoft announces "Coordinated Vulnerability Disclosure" policy. URL: http://blogs.technet.com/b/msrc/archive/2010/07/22/announcing-coordinated-vulnerability-disclosure.aspx URL: http://it.slashdot.org/story/10/07/22/1819239/Microsoft-Makes-Major-Shift-In-Disclosure-Policy (posted 22-Jul-2010 2202 hrs UTC) --- 22-Jul-2010 Siemens makes software utility tool to discover and repair against the Trojan/worm malware available online. URL: http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=view NOTE: Tool make be downloaded here: URL: http://support.automation.siemens.com/WW/llisapi.dll/csfetch/43876783/sysclean.zip?func=cslib.csFetch&nodeid=43920541 You will also need the latest signature file: URL: http://www.trendmicro.com/download/viruspattern.asp There is a security update for the Siemens product which may be found here: URL: http://support.automation.siemens.com/WW/llisapi.dll/csfetch/43876783/SIMATIC_Security_Update_20100722.exe?func=cslib.csFetch&nodeid=43920545 ================ 26-Jul-2010 SOPHOS announces "Windows Shortcut Exploit Protection Tool". URL: http://www.sophos.com/products/free-tools/sophos-windows-shortcut-exploit-protection-tool.html ================ 27-Jul-2010 Network admins must beware of Stuxnet URL: http://www.zdnetasia.com/network-admins-must-beware-of-stuxnet-62201573.htm ================ 28-Jul-2010 Expert: Critical system flaws a 'ticking time bomb'; Jonathana Pollet describes flaws of cybersecurity. URL: http://news.cnet.com/8301-27080_3-20012027-245.html --- 28-Jul-2010 Symantec identifies W32.Stuxnet variants. URL: http://www.symantec.com/connect/blogs/w32stuxnet-variants Supporting PDF URL: http://www.securityfocus.com/bid/41732 (15-Jul-2010, update 11-Aug-2010) ================ 30-Jul-2010 Microsoft Security Bulletin Advance Notification for August 2010 (updated 2-Aug-2010) URL: http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx ================ 2-Aug-2010 Microsoft Security Bulletin MS10-046 - Critical URL: http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx --- 2-Aug-2010 Microsoft rushes fix for Windows shortcut hole Supporting URL: http://www.zdnetasia.com/microsoft-rushes-fix-for-windows-shortcut-hole-62201760.htm --- 2-Aug-2010 Microsoft Security Advisory (2286198) - Vulnerability in Windows Shell Could Allow Remote Code Execution Supporting URL: http://www.microsoft.com/technet/security/advisory/2286198.mspx --- 2-Aug-2010 Weaknesses in Industrial Cyber Security Described URL: http://www.fas.org/blog/secrecy/2010/08/cyber_weaknesses.html Archived PDF URL: http://www.fas.org/sgp/eprint/nstb.pdf ================ 3-Aug-2010 (1443 hrs UTC) DOE: Common security holes leave energy grid vulnerable. URL: http://news.cnet.com/8301-11128_3-20012459-54.html ================ 6-Aug-2010 Stuxnet Introduces the First Known Rootkit for Industrial Control Systems. URL: http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices Supporting Symantec 'Stuxnet' blog web site: http://www.symantec.com/connect/symantec-blogs/security-response/11761/all/all/all/all --- 6-Aug-2010 Stuxnet infections continue to rise; total numbers between 90,000 and 100,000 worldwide. URL: http://www.zdnetasia.com/stuxnet-infections-continue-to-rise-62201930.htm ================ 13-Aug-2010 (1200 hrs UTC) Stuxnet could hijack power plants, refineries URL: http://news.cnet.com/8301-27080_3-20013545-245.html ================ 26-Aug-2010 ICSA-10-238-01.STUXNET MALWARE MITIGATION URL: https://www.us-cert.gov/control_systems/pdf/ICSA-10-238-01.pdf ================ 2-Sep-2010 Stuxnet Mitigation Update URL: http://chemical-facility-security-news.blogspot.com/2010/09/stuxnet-mitigation-update.html --- 2-Sep-2010 ICSA-10-238-01A.STUXNET MALWARE MITIGATION URL: https://www.us-cert.gov/control_systems/pdf/ICSA-10-238-01A.pdf --- 2-Sep-2010 Cybercriminals are actively using the vulnerability of Windows URL: http://firejayjacobs.com/?p=1430 ================ 4-Sep-2010 Malware Writers Targeted Patched Windows Shortcut Bug in August URL: http://securitywatch.eweek.com/malware/malware_writers_target_patched_windows_bug.html ================ 9-Sep-2010 stuxnet: targeting the iranian enrichment centrifuges in Natanz? URL: http://frank.geekheim.de/?p=1189 ================ 15-Sep-2010 ICSA-10-238-01B.STUXNET MALWARE MITIGATION URL: https://www.us-cert.gov/control_systems/pdf/ICSA-10-238-01B.pdf --- 15-Sep-2010 Microsoft plugs new hole used by Stuxnet. URL: http://www.zdnetasia.com/microsoft-plugs-new-hole-used-by-stuxnet-62202928.htm --- 15-Sep-2010 Microsoft Security Bulletin MS10-061 - Critical - Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290) Supporting URL: http://www.microsoft.com/technet/security/Bulletin/MS10-061.mspx --- 15-Sep-2010 Microsoft Security Bulletin Summary for September 2010 (updated 3-Nov-2010) Supporting URL: http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx ================ 16-Sep-2010 (1247 hrs UTC) Is Stuxnet the 'best' malware ever? URL: http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_? ================ 17-Sep-2010 SIMATIC WinCC/SIMATIC PCS 7: Information concerning Malware/Virus/Trojan (updated 22-Nov-2010) URL: http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=view ** NOTE: Siemens now requires that you create an account and login to access any of their web site data. ** NOTE: Depending on which industry you are in, Siemens may/may not deny you access to this URL. ================ 21-Sep-2010 (1907 UTC) Was Stuxnet built to attack Iran's nuclear program? URL: http://www.itworld.com/government/121315/was-stuxnet-built-attack-irans-nuclear-program -- 21-Sep-2010 (2008 hrs UTC) Stuxnet malware is 'weapon' out to destroy ... Iran's Bushehr nuclear plant? URL: http://www.csmonitor.com/layout/set/print/content/view/print/327178 Updated URL: http://www.csmonitor.com/USA/2010/0921/Stuxnet-malware-is-weapon-out-to-destroy-Iran-s-Bushehr-nuclear-plant ================ 22-Sep-2010 (0012 UTC) SCADA worm a 'nation state search-and-destroy weapon' URL: http://www.theregister.co.uk/2010/09/22/stuxnet_worm_weapon/ -- 22-Sep-2010 Expert: Stuxnet was built to sabotage Iran nuclear plant URL: http://www.zdnetasia.com/expert-stuxnet-was-built-to-sabotage-iran-nuclear-plant-62203062.htm ================ 23-Sep-2010 Stuxnet Heralds New Generation of Targeted Attacks URL: http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/227500592/index.html ================ 25-Sep-2010 (2310 hrs UTC) Iran confirms massive Stuxnet infection of industrial systems URL: http://www.computerworld.com/s/article/9188018/Iran_confirms_massive_Stuxnet_infection_of_industrial_systems ================ 29-Sep-2010 ICSA-10-272-01.PRIMARY STUXNET INDICATORS URL: https://www.us-cert.gov/control_systems/pdf/ICSA-10-272-01.pdf ================ 30-Sep-2010 W32.Stuxnet Dossier URL: http://www.symantec.com/connect/blogs/w32stuxnet-dossier Whitepaper PDF URL: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf ================ 3-Oct-2010 Stuxnet worm: Private security experts want US to tell them more URL: http://www.csmonitor.com/USA/2010/1003/Stuxnet-worm-Private-security-experts-want-US-to-tell-them-more 4-Oct-2010 Nationwide holiday ups China's risk to Stuxnet URL: http://www.zdnetasia.com/nationwide-holiday-ups-china-s-risk-to-stuxnet-62203387.htm ================ 5-Oct-2010 (1200 hrs UTC) Stuxnet: Fact vs. theory URL: http://news.cnet.com/8301-27080_3-20018530-245.html?tag=mncol;2n ================ 11-Oct-2010 EU calls Stuxnet 'paradigm shift' as US responds more mildly URL: http://www.zdnetasia.com/eu-calls-stuxnet-paradigm-shift-as-us-responds-more-mildly-62203570.htm ================ 13-Oct-2010 Microsoft fixes record 49 holes, including Stuxnet flaw URL: http://www.zdnetasia.com/microsoft-fixes-record-49-holes-including-stuxnet-flaw-62203638.htm --- 13-Oct-2010 (1200 hrs UTC) Urban model for cybersecurity eduation; in July, a public utility was hit by the 'Stuxnet' worm URL: http://news.cnet.com/8301-27080_3-20019416-245.html ================ 24-Oct-2010 SCADA Vendors Still Need Security Wake Up Call URL: http://threatpost.com/en_us/blogs/scada-vendors-still-need-security-wake-call-102410 ================ 3-Nov-2010 Stuxnet: Target Still Unknown URL: http://www.symantec.com/connect/blogs/stuxnet-target-still-unknown ================ 4-Nov-2010 Siemens Official Slides on Stuxnet URL: http://ciip.wordpress.com/2010/11/04/siemens-official-slides-on-stuxnet/ ================ 5-Nov-2010 A Different Spin On Sleuthing Stuxnet URL: http://www.darkreading.com/security/news/228200330/index.html ================ 7-Nov-2010 Siemens Official Communication Slides on Stuxnet . Pulled Offline URL: http://ciip.wordpress.com/2010/11/07/siemens-official-communication-slides-on-stuxnet-pulled-offline/ Archived PDF file URL: http://ciip.files.wordpress.com/2010/11/the_stuxnet_malware.pdf ================ 12-Nov-2010 Stuxnet: A Breakthrough URL: http://www.symantec.com/connect/blogs/stuxnet-breakthrough ================ 13-Nov-2010 Stuxnet: and The Truth Shall Set You Free URL: http://ciip.wordpress.com/2010/11/13/stuxnet-and-the-truth-shall-set-you-free/ ================ 15-Nov-2010 What Stuxnet means URL: http://corte.si/posts/security/stuxnet.html --- 15-Nov-2010 Symantec sees Iranian nukes in Stuxnet worm URL: http://www.itworld.com/security/127693/symantec-sees-iranian-nukes-stuxnet-worm --- 15-Nov-2010 Clues Suggest Stuxnet Virus Was Built for Subtle Nuclear Sabotage URL: http://www.wired.com/threatlevel/2010/11/stuxnet-clues/ --- 15-Nov-2010 Stuxnet Developed to Halt Iran's Uranium Enrichment URL: https://www.infosecisland.com/blogview/9589-Stuxnet-Developed-to-Halt-Irans-Uranium-Enrichment.html --- 15-Nov-2010 New Stuxnet clues suggest sabotage of Iran's uranium enrichment program URL: http://www.csoonline.com/article/636344/new-stuxnet-clues-suggest-sabotage-of-iran-s-uranium-enrichment-program --- 15-Nov-2010 (1117 hrs UTC) STUXNET Scanner: A Forensic Tool URL: http://blog.trendmicro.com/stuxnet-scanner-a-forensic-tool/ --- 15-Nov-2010 (1200 hrs UTC) New Stuxnet clues suggest sabotage of Iran's uranium enrichment program URL: http://www.computerworld.com/s/article/9196458/New_Stuxnet_clues_suggest_sabotage_of_Iran_s_uranium_enrichment_program --- 15-Nov-2010 (1519 hrs UTC) Missing piece completes Stuxnet jigsaw URL: http://www.theregister.co.uk/2010/11/15/stuxnet_jigsaw_completed/ --- 15-Nov-2010 (1935 hrs UTC) Symantec: Stuxnet clues point to uranium enrichment target URL: http://news.cnet.com/8301-27080_3-20022845-245.html Supporting URL: http://www.zdnetasia.com/symantec-stuxnet-clues-point-to-uranium-enrichment-target-62204451.htm (16-Sep-2010) ================ 16-Nov-2010 More signs Stuxnet targeted nuclear plants URL: http://www.zdnet.com.au/more-signs-stuxnet-targeted-nuclear-plants-339307280.htm --- 16-Nov-2010 How Stuxnet cyber weapon targeted Iran nuclear plant URL: http://www.csmonitor.com/USA/2010/1116/How-Stuxnet-cyber-weapon-targeted-Iran-nuclear-plant ================ 17-Nov-2010 U.S. on Alert Over Stuxnet Virus Threat URL: http://www.cbsnews.com/stories/2010/11/17/tech/main7063392.shtml ================ 18-Nov-2010 Symantec to US Congress: Stuxnet is 'wake-up call' URL: http://www.zdnetasia.com/symantec-to-us-congress-stuxnet-is-wake-up-call-62204493.htm --- 18-Nov-2010 Upgraded Stuxnet Variants Could Attack US URL: http://www.thenewnewinternet.com/2010/11/18/upgraded-stuxnet-variants-could-attack-us/ ================ 26-Nov-2010 Mystery Surrounds Cyber Missile That Crippled Iran's Nuclear Weapons Ambitions URL: http://www.foxnews.com/scitech/2010/11/26/secret-agent-crippled-irans-nuclear-ambitions/#ixzz174aRFwDZ ================ 29-Nov-2010 Iran Confirms Stuxnet Worm Halted Centrifuges URL: http://www.cbsnews.com/stories/2010/11/29/world/main7100197.shtml -- 29-Nov-2010 (0450 hrs UTC) Stuxnet: Adding a new dimension to cyber war URL: http://economictimes.indiatimes.com/infotech/internet/Stuxnet-Adding-a-new-dimension-to-cyber-war/articleshow/7007661.cms ================ 1-Dec-2010 Stuxnet Redux: Questions and Answers URL: http://www.thesecurityblog.com/2010/12/stuxnet-redux-questions-and-answers/ --- 1-Dec-2010 Stuxnet: Made in the USA; implications that the U.S. fabricated Stuxnet URL: http://www.canadafreepress.com/index.php/article/30583 Supporting URL: http://www.nytimes.com/info/iran-nuclear-program (updated 7-Sep-2010) ================ 2-Dec-2010 Bits before bombs: How Stuxnet crippled Iran.s nuclear dreams URL: http://www.digitaltrends.com/computing/bits-before-bombs-how-stuxnet-crippled-irans-nuclear-dreams/?news=123 --- 2-Dec-2010 Is SAP afraid of a Stuxnet-style attack? URL: http://nationalcybersecurity.com/?p=41610 --- 2-Dec-2010 Iran Admits That Stuxnet Bit Them URL: http://www.strategypage.com/htmw/htiw/articles/20101202.aspx --- 2-Dec-2010 WikiLeaks and Stuxnet - Smart Grid Wakeup Calls URL: http://smart-grid.tmcnet.com/topics/smart-grid-fa/articles/122803-wikileaks-stuxnet-smart-grid-wakeup-calls.htm --- 2-Dec-2010 Iran arrests suspects over scientist's murder URL: http://www.google.com/hostednews/ap/article/ALeqM5g0WpjGHXGupQJ3G4bo7rt52Q2ikw?docId=3175fc6954f9422791fe5d34f7187042 --- 2-Dec-2010 Iran Confirms Stuxnet Worm Halted Centrifuges URL: http://nationalcybersecurity.com/?p=41685 Supporting URL: http://bit.ly/9JD6v8 ================ 3-Dec-2010 Top Security Predictions for 2011 URL: http://www.pcworld.com/businesscenter/article/212347/top_security_predictions_for_2011.html --- 3-Dec-2010 IAEA tells Iran to come clean URL: http://www.upi.com/Top_News/Special/2010/12/03/IAEA-tells-Iran-to-come-clean/UPI-87711291389765/ --- 3-Dec-2010 (1300 hrs UTC) Embedded Passwords: Dangerous by Default URL: http://www.ecommercetimes.com/story/71369.html?wlc=1291392989 ================ 4-Dec-2010 How the Worm Turned; Stuxnet versus the Iranian nuclear program. URL: http://www.weeklystandard.com/articles/how-worm-turned_520704.html --- 4-Dec-2010 Stuxnet rootkit remover URL: http://www.pcnewsy.com/stuxnet-rootkit-remover-9110/ --- 4-Dec-2010 Cyber Warfare Is Here URL: http://www.rampartsofcivilization.com/?p=1423 ================ 5-Dec-2010 Iran Says It Has Produced Its First Yellowcake Uranium URL: http://www.voanews.com/english/news/Iran-Produces-First-Domestically-Produced-Uranium-Yellowcake-111343954.html --- 5-Dec-2010 Stuxnet: The Ultimate Weapon of the Future? URL: http://managedsecurityservices.org/stuxnet-the-ultimate-weapon-of-the-future Supporting YouTube URL: http://www.youtube.com/watch?v=rR_q3Mcq9Dk&feature=player_embedded --- 5-Dec-2010 U.S. works to protect networks from hackers URL: http://dailycaller.com/2010/12/05/u-s-works-to-protect-networks-from-hackers/ --- 5-Dec-2010 US works to secure networks as hackers advance URL: http://www.philly.com/philly/wires/ap/business/20101205_ap_usworkstosecurenetworksashackersadvance.html --- 5-Dec-2010 Stuxnet and WikiLeaks - What do they have in common? URL: http://boelectronic.blogspot.com/2010/12/stuxnet-and-wikileaks-what-do-they-have.html --- 5-Dec-2010 Iran forms elite security unit after Stuxnet assassination URL: http://www.tgdaily.com/security-features/52875-iran-forms-elite-security-unit-after-stuxnet-assassination ================ 6-Dec-2010 Stuxnet Not Different From Many Malware, Says Expert URL: http://www.spamfighter.com/News-15478-Stuxnet-Not-Different-From-Many-Malware-Says-Expert.htm ================ 7-Dec-2010 Stuxnet: It's the real thing, baby -- 7-Dec-2010 (1928 hrs UTC) No apparent Stuxnet impact in US: cyber official URL: http://www.google.com/hostednews/afp/article/ALeqM5gABqKg3RFSAqmukHRnd_S9w6NRdQ?docId=CNG.185c429e4cf5ad15f14ff3629cb82c86.731 ================ 9-Dec-2010 Stuxnet Virus Still Causing Havoc in Iran URL: http://www.frumforum.com/stuxnet-still-causing-havoc-in-iran --- 9-Dec-2010 Stuxnet Is the World's Problem URL: http://www.pittsreport.com/2010/12/stuxnet-is-the-worlds-problem/ --- 9-Dec-2010 FAS release whitepaper on 'Stuxnet'; entitled "The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability" URL: http://www.fas.org/sgp/crs/natsec/R41524.pdf Alt URL: http://www.infracritical.com/papers/R41524.pdf ================ 14-Dec-2010 Microsoft delivers patches for IE, font driver; puts Stuxnet to bed URL: http://www.zdnet.com/blog/security/microsoft-delivers-patches-for-ie-font-driver-puts-stuxnet-to-bed/7837?tag=nl.e589 -- 14-Dec-2010 China Likely Behind Stuxnet Attack, Cyberwar Expert Says URL: http://www.darkreading.com/vulnerability-management/167901026/security/attacks-breaches/228800582/china-likely-behind-stuxnet-attack-cyberwar-expert-says.html ================ 15-Dec-2010 IE and Stuxnet Zero-Days Finally Patched URL: http://news.softpedia.com/news/IE-and-Stuxnet-Zero-Days-Finally-Patched-172742.shtml -- 15-Dec-2010 Stuxnet 'virus' could be altered to attack US facilities, report warns URL: http://news.yahoo.com/s/csm/20101215/ts_csm/350095_1 ================ 16-Dec-2010 Stuxnet worm yet to turn URL: http://www.economist.com/node/17730556?story_id=17730556 ================ 22-Dec-2010 Stuxnet and fake certificates dominate the Q3 malware landscape URL: http://www.infosecurity-magazine.com/view/14818/stuxnet-and-fake-certificates-dominate-the-q3-malware-landscape/ -- 22-Dec-2010 StuxNet: prepare for worse in 2011 URL: http://www.computerweekly.com/Articles/2010/12/22/244626/StuxNet-prepare-for-worse-in-2011.htm ================ 23-Dec-2010 Stuxnet story is high-profile but still out of reach URL: http://gcn.com/articles/2010/12/23/cybereye-stuxnet-high-profile-mystery.aspx ================ 30-Dec-2010 Cyber-sabotage and espionage top 2011 security fears URL: http://www.bbc.co.uk/news/technology-12056594 ================ 16-Jan-2011 Israel Test on Worm Called Crucial in Iran Nuclear Delay URL: http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?_r=2&hp -- 16-Jan-2011 With Stuxnet, Did the U.S. and Israel Create a New Cyberwar Era? URL:http://www.wired.com/dangerroom/2011/01/with-stuxnet-did-the-u-s-and-israel-create-a-new-cyberwar-era/ ================ 17-Jan-2011 (0924 UTC) Further light shone on development of the cyber attack URL: http://www.itnews.com.au/News/244929,report-us-israel-tested-stuxnet.aspx -- 17-Jan-2011 (1452 UTC) Israel and US fingered for Stuxnet attack on Iran URL: http://www.theregister.co.uk/2011/01/17/stuxnet_israel_connection_fleshed_out/ ================ 19-Jan-2011 (1516 UTC) Sutxnet not such a masterpiece after all? URL: http://www.h-online.com/security/news/item/Stuxnet-not-such-a-masterpiece-after-all-1171795.html ================ 14-Feb-2011 (1853 UTC) Stuxnet blitzed 5 Iranian factories over 10-month period URL: http://www.theregister.co.uk/2011/02/14/stuxnet_targeted_5_factories/ ================ 16-Apr-2011 (1457 UTC) Iran blames US, Israel for Stuxnet computer worm URL: http://www.sfgate.com/cgi-bin/article.cgi?f=/n/a/2011/04/16/international/i065353D61.DTL ================ 18-Apr-2011 (1847 UTC) Iran Blasts Siemens For Role In Stuxnet Worm URL: http://www.ibtimes.com/articles/135606/20110418/iran-threatens-legal-action-against-siemens-for-stuxnet-worm.htm -- 18-Apr-2011 (1924 UTC) Iran lays blame for Stuxnet worm on Siemens URL: http://www.theregister.co.uk/2011/04/18/iran_blames_siemens_for_stuxnet/ -- 18-Apr-2011 Iranian General Accuses Siemens of Helping U.S., Israel Build Stuxnet URL: http://www.cio.com/article/679822/Iranian_General_Accuses_Siemens_of_Helping_U.S._Israel_Build_Stuxnet ================ 24-Apr-2011 (2020 UTC) Computer virus as bad as A-bombs dropped on Japan? URL: http://www.wnd.com/?pageId=290221#ixzz1KWu0lgGD ================ 25-Apr-2011 DHS chief: What we learned from Stuxnet URL: http://www.computerworld.com/s/article/9216166/DHS_chief_What_we_learned_from_Stuxnet ================ 27-Apr-2011 Stuxnet Shows Need to Communicate URL: http://www.isssource.com/dhs-chief-stuxnet-shows-need-to-communicate/ ================ 5-May-2011 (1415 UTC) ANALYSIS-Experts sceptical on new Iran "cyber attack" claim URL: http://af.reuters.com/article/energyOilNews/idAFLDE74417H20110505?sp=true Advisories reporting this (includes updated advisory information from their respective sources) are as follows: Microsoft Security Advisory #2286198 http://www.microsoft.com/technet/security/advisory/2286198.mspx Microsoft Security Advisory #2286198 Workaround http://support.microsoft.com/kb/2286198 ENABLE workaround: http://go.microsoft.com/?linkid=9738980 DISABLE workaround: http://go.microsoft.com/?linkid=9738981 US-CERT Advisory Bulletins http://www.kb.cert.org/vuls/id/940193 https://www.us-cert.gov/control_systems/pdf/ICSA-10-272-01.pdf https://www.us-cert.gov/control_systems/ics-cert/archive.html ICS-CERT Advisory Bulletins http://www.us-cert.gov/control_systems/pdf/ICSA-10-201-01%20-%20USB%20Malware%20Targeting%20Siemens%20Control%20Software.pdf MITRE Common Vulnerabilities and Exposures (CVE) #CVE-2010-2568 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2568 NOTE: Some previously posted advisory bulletins from US-CERT are no longer available: http://www.us-cert.gov/control_systems/pdf/ICSA-10-238-01B%20-%20Stuxnet%20Mitigation.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-10-238-01%20-%20Stuxnet%20Mitigation.pdf Tofino Security Whitepaper on 'Stuxnet': http://www.tofinosecurity.com/professional/siemens-pcs7-wincc-malware Symantec W32.Stuxnet dossier whitepaper (note Appendix C; this is what 'Stuxnet' was communicating with): http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf Foreign Policy Research Institute on 'Stuxnet': http://www.fpri.org/enotes/201011.picciotti_montanaro.cyberwar.html