Duqu Detector Toolkit By CrySyS Lab

CrySyS Duqu detector toolkit released. 

The researchers at the lab credited with identifying the zero-day delivery mechanism of the Duqu bot, the Hungarian Laboratory of Cryptography and System Security (CrySyS), have released a toolkit for detecting the pest, even after components of it have been removed from a system.

According to the CrySyS Lab statement:
"Our lab, the Laboratory of Cryptography and System Security (CrySyS) pursued the analysis of the Duqu malware and as a result of our investigation, we identified a dropper file with an MS 0-day kernel exploit inside. We immediately provided competent organizations with the necessary information such that they can take appropriate steps for the protection of the users."

The DuquDetector software comprises four executable tools which in turn scan for Duqu-infected system drivers, PNF files with "suspiciously high entropy", Duqu's temporary files and PNF files with no corresponding .inf files. It writes the results to a log file for an experienced practitioner to analyse. Because the toolkit combines signature-based and heuristic analysis, it can generate false positives, as with other tools for detecting anomalies. For more details click Here
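A sketch of two of the heuristics described above (PNF files with high entropy, and PNF files with no matching .inf), as an added example and not CrySyS's code. The 7.0 bits-per-byte threshold, the function names and the sample files are assumptions constructed for illustration.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

ENTROPY_THRESHOLD = 7.0  # assumed cut-off in bits per byte; not the toolkit's value

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty input, 8.0 at most."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan_inf_dir(inf_dir, threshold=ENTROPY_THRESHOLD):
    """Return {pnf_name: [reasons]} for PNF files that warrant manual review."""
    inf_dir = Path(inf_dir)
    inf_stems = {p.stem.lower() for p in inf_dir.iterdir() if p.suffix.lower() == ".inf"}
    findings = {}
    for p in sorted(inf_dir.iterdir()):
        if p.suffix.lower() != ".pnf" or not p.is_file():
            continue
        reasons = []
        h = shannon_entropy(p.read_bytes())
        if h >= threshold:  # encrypted or compressed content approaches 8 bits/byte
            reasons.append(f"high entropy ({h:.2f} bits/byte)")
        if p.stem.lower() not in inf_stems:  # a precompiled PNF normally has a source .inf
            reasons.append("no matching .inf")
        if reasons:
            findings[p.name] = reasons
    return findings

def demo():
    """Scan a constructed directory; every file here is made-up sample data."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "oem1.inf").write_bytes(b"[Version]\r\nSignature=\"$Windows NT$\"\r\n")
        (d / "oem1.PNF").write_bytes(b"\x00" * 2000 + b"oem1.inf" * 20)  # benign pair
        (d / "sample_a.pnf").write_bytes(os.urandom(4096))  # random bytes, no .inf
        (d / "oem2.pnf").write_bytes(b"\x00" * 512)  # low entropy, but orphaned
        return scan_inf_dir(d)

if __name__ == "__main__":
    for name, reasons in demo().items():
        print(name, "->", "; ".join(reasons))
```

Both checks are heuristics: compressed but legitimate data can score high, and an orphaned PNF can be left behind by an ordinary driver removal, so each hit is a lead for review rather than a verdict.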

To download the Duqu Detector by CrySyS Click Here

