Multiple Vulnerabilities Found in Popular Document Management System
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) has identified multiple vulnerabilities in the Saperion Web Client, a web application developed by Kofax.
Several more vulnerabilities found and closed in popular license manager
Kaspersky Lab ICS CERT has identified multiple vulnerabilities in the hasplms service, which is part of Gemalto’s HASP SRM, Sentinel HASP and Sentinel LDK products: denial of service (DoS), NTLM relay attack, stack buffer overflow, remote enabling of the web admin interface, arbitrary memory read and possible remote code execution (RCE).
Infected CCleaner in ICS around the world
On 18 September 2017, Piriform, a software company, announced that its CCleaner utility, which is designed to optimize the operation of Windows, had been hacked.
Multiple vulnerabilities found in popular license manager
Kaspersky Lab ICS CERT has identified multiple remote code execution (RCE) and denial of service (DoS) vulnerabilities in the hasplms service, which is part of Gemalto’s HASP SRM, Sentinel HASP and Sentinel LDK products.
More than 50% of organizations attacked by ExPetr (Petya) cryptolocker are industrial companies
According to our telemetry, we see evidence that many industrial companies are being attacked by ExPetr (Petya) malware. While there were examples of actual industrial control systems being affected, in most cases only the business networks were affected. According to our data, at least 50% of the companies being attacked are manufacturing and oil & gas enterprises.
WannaCry ransomware widespread attack may indirectly hit Industrial organizations
The “WannaCry” outbreak was reported on May 12, 2017 by many independent sources all over the world. Based on KL ICS CERT live reports, we decided to warn industrial organizations that they might indirectly become victims of this widespread attack.
Spear phishing attack hits industrial companies
In October 2016, Kaspersky Lab ICS CERT detected a targeted attack aimed at industrial organizations. The worst affected were companies in the smelting, electric power generation and transmission, construction, and engineering industries.