Last Friday, NSS researchers announced their findings on Duqu on a blog post. We also pointed to our open source tool that we've shared with the security research community. Since posting, the tool has been viewed over 18,000 times and 45 different forks have been created from the github repository in the few days it has been up. Read more...

While there has been a lot written about DuQu, and some talented researchers – particularly Budapest-based CrySyS Labs – have done good work, there have been some key omissions and misinformation, as well as retractions and restatements. Having performed our own extensive analysis of the code, we wanted to provide the following succinct summary of our findings. Read more...