What is steganography?
"The features include steganographic processes that encrypt stolen data and embed it into image files before sending it to attacker-controlled servers, an analysis by NSS researchers found."
Actually, if you bother to follow the link to the NSS report, you'll see that its authors, being knowledgeable researchers, don't use the word "steganography" at all. And rightfully so, because Duqu doesn't use it. Obviously, the ElReg reporter has heard the buzzword from somewhere, has half-understood it, hasn't even looked at the Duqu code, and has decided to include this buzzword in his article to make it more "juicy".
What Duqu does, is APPEND (not "embed") the collected and encrypted information at the end of JPG images. The reason for this is to conceal the fact that it is sending such information from casual observers of the 'net traffic. However, if somebody is actually LOOKING for this info in these JPG images, it is blindingly obvious that it is there.
As opposed to that, when REAL steganography is used, the information is encoded by toggling single bits in the image. If it is done right, it is practically IMPOSSIBLE to detect that hidden information is present in the image, unless you have the original image to compare it with. Calling what Duqu does "steganography" is like calling wearing sunglasses a "professional disguise".
As for the similarity between Duqu and Stuxnet, it is more appropriate to say that one of the components of Duqu is very similar to one of the components of Stuxnet. But the similarity ends here.