Duqu, Flame, Gauss: Followers of Stuxnet

  • Wednesday, October 10, 2012 | 14.10 – 15.00 hrs | Buckingham (East Wing)

View all Sessions

This session will present our work at CrySyS Lab on Duqu, Flame and Gauss: how we found Duqu, our work on the dropper and our detector toolkit, Flame, the Gauss related Palida font detector tool and our Gauss Info Collector. Novelties include the use of signed drivers, the 0-days, the Flame windows update attack vector, the Gauss encrypted payload. Hear what we can learn from these incidents.


This document was retrieved from on Mon, 15 Jul 2019 22:58:49 -0400.