РУ
Kaspersky ICS CERT

Industrial Systems Emergency Response Team is a special Kaspersky project that will offer the wide range of information services, starting from the intelligence on the latest threats and security incidents with mitigation strategies and all the way up to incident response and investigation consultancy and services. In addition to the latest intelligence about threats and vulnerabilities, Kaspersky’s Industrial CERT will share expertise on compliance. Being a non-commercial project, ICS CERT will share information and expertise to its members free of charge.

Services

Alerts

Reports

Contacts

Reports

Lazarus targets defense industry with ThreatNeedle

25 February 2021

SunBurst industrial victims

26 January 2021

ICS threat predictions for 2021

02 December 2020

Attacks on industrial enterprises using RMS and TeamViewer: new data

05 November 2020

Practical example of fuzzing OPC UA applications

19 October 2020

What it feels like for a turbine

13 October 2020

 More Reports

Events

Are industrial organizations a target for cybercriminals?

01 December 2020

Kaspersky ICS CERT goes virtual with the Deggendorf Institute of Technology!

24 November 2020

Kaspersky conducts ICS digital forensics and incident response training course in China

30 January 2020

Applied industrial cybersecurity by Kaspersky at the Deggendorf Institute of Technology

25 November 2019

7th Kaspersky Industrial Cybersecurity Conference

01 November 2019

Kaspersky Industrial CTF 2019 Finals Results

29 April 2019

Cybersecurity Insight – MIT workshops in partnership with Kaspersky Lab

05 April 2019

Kaspersky Lab has taken part in S4x19 Industrial Cybersecurity Conference

31 January 2019

 More Events

News

Classics: vulnerabilities in web console and third-party components in Pepperl+Fuchs IO-Link-Master gateways

09 February 2021

Getting back on Treck: more vulnerabilities in the infamous TCP/IP Stack

05 February 2021

Much ado about the certificate: what one should know about Siemens SCALANCE X switch configuration to avoid MitM

02 February 2021

Cryptographic deadly sins and the security of Modicon M100/M200/M221

28 January 2021

From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider Electric

27 January 2021

Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoT

26 January 2021

Critical vulnerability in Schneider Electric HMI configuration software

26 January 2021

A classic that needs updating: fresh vulnerabilities in the software of Siemens SCALANCE X switches

26 January 2021

 More News

Reports

Lazarus targets defense industry with ThreatNeedle

25 February 2021

SunBurst industrial victims

26 January 2021

ICS threat predictions for 2021

02 December 2020

Attacks on industrial enterprises using RMS and TeamViewer: new data

05 November 2020

Practical example of fuzzing OPC UA applications

19 October 2020

What it feels like for a turbine

13 October 2020

MontysThree: Industrial espionage with steganography and a Russian accent on both sides

08 October 2020

Threat landscape for industrial automation systems. H1 2020

24 September 2020

The State of Industrial Cybersecurity 2020

15 September 2020

 More Reports

Advisories

KLCERT-20-017: Session Information Exposure in ARC Informatique PcVue

09 October 2020

KLCERT-20-016: Denial-of-Service in ARC Informatique PcVue

09 October 2020

KLCERT-20-015: Remote Code Execution in ARC Informatique PcVue

09 October 2020

KLCERT-20-014: Session token exposed in Honeywell ControlEdge PLC and RTU

23 June 2020

KLCERT-20-013: Unencypted password transmission in Honeywell ControlEdge PLC and RTU

23 June 2020

KLCERT-20-012: Missing Authentication in Emerson OpenEnterprise SCADA before 3.3.4

20 May 2020

KLCERT-20-011: Inadequate Encryption Strength in Emerson OpenEnterprise SCADA before 3.3.4

20 May 2020

KLCERT-20-010: Improper Ownership Management in Emerson OpenEnterprise SCADA before 3.3.4

20 May 2020

 More Advisories

Percentage of industrial computers attacked, January 2021

Top countries by percentage of industrial computers attacked, January 2021

Algeria Iraq Morocco Tunisia Egypt China Indonesia Iran, Islamic Republic of Vietnam Ukraine Korea Saudi Arabia United Arab Emirates Ecuador Greece

Threat sources, January 2021

Internet Removable
devices Mail Network
folders
% of attacked users

Malware platforms, January 2021

.NET Framework Visual Basic Script AutoCAD PDF BAT JavaScript Python Microsoft Word PowerShell Java
% of attacked users

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.