01 December 2025
APT and financial attacks on industrial organizations in Q3 2025Using of AI, trusted relationships and historical security problems of traditional OS – there are some interesting details of attacks on industrial enterprises.
Filter
20 November 2025
God Mode On: Researchers run Doom on a vehicle’s head unit after remotely attacking its modemExploiting a vulnerability identified in a modem installed in the head units of some vehicles enabled Kaspersky ICS CERT experts to gain complete control of the system.
09 October 2025
A brief overview of the main incidents in industrial cybersecurity. Q2 2025More than 130 incidents were publicly confirmed by victims. Among them are not only high-profiled technology corporations and enterprises, but also the lake dam.
23 September 2025
Threat landscape for industrial automation systems. Europe, Q2 2025In Southern and Eastern Europe, the risk of targeted attacks is high – there are high levels of email threats (phishing) and spyware. The review of key cybersecurity issues in European regions.
23 September 2025
Threat landscape for industrial automation systems. Russia, Q2 2025The region where the main threat source is the internet and the percentage of ICS computers on which miners in the form of executable files for Windows were blocked is usually high.
22 September 2025
Threat landscape for industrial automation systems. Middle East, Q2 2025The region with high risk of targeted attacks against the technological infrastructures of industrial enterprises
22 September 2025
Threat landscape for industrial automation systems. South and North America (Canada), Q2 2025The percentage of threats from email clients increased significantly in South America, and from the internet – in North America (Canada). The review of key cybersecurity issues in these regions.
19 September 2025
Threat landscape for industrial automation systems. Australia and New Zealand, Q2 2025The region ranks first in terms of the percentage of ICS computers on which malicious objects were blocked increase.
19 September 2025
Threat landscape for industrial automation systems. Asia, Q2 2025South-East Asia ranks first in the world in terms of the percentage of ICS computers on which viruses and malware for AutoCAD were blocked. The review of key cybersecurity issues in Asian regions.
18 September 2025
Threat landscape for industrial automation systems. Africa, Q2 2025The leader in the percentage of ICS computers on which malicious objects were blocked for many years. The region with low cybersecurity maturity of industrial organizations.
Filter
04 March 2021
More critical vulnerabilities identified in OPC protocol implementationsSolutions that use the OPC family of protocols are affected by multiple vulnerabilities that could lead to equipment failure, remote code execution or leaks of critical data
09 February 2021
Classics: vulnerabilities in web console and third-party components in Pepperl+Fuchs IO-Link-Master gatewaysThe vendor has published an advisory on vulnerabilities in multifunctional gateway devices designed to integrate different types of sensors and PLCs into industrial environments
05 February 2021
Getting back on Treck: more vulnerabilities in the infamous TCP/IP StackVulnerabilities have been identified in the IPv6 component in the Treck TCP/IP stack implementation. It is recommended that vendors of IoT devices using that implementation issue security advisories.
02 February 2021
Much ado about the certificate: what one should know about Siemens SCALANCE X switch configuration to avoid MitMSiemens has released a security alert which describes some cases of SCALANCE X-200/X-200IRT/X-300 switches using hardcoded encryption keys, making them prone to man-in-the-middle attacks
28 January 2021
Cryptographic deadly sins and the security of Modicon M100/M200/M221Weak implementation of cryptographic data protection allows various types of attacks and enables attackers to identify the key in captured traffic
27 January 2021
From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider ElectricVulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters
26 January 2021
Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoTSсhneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules
26 January 2021
Critical vulnerability in Schneider Electric HMI configuration softwareThe vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.
26 January 2021
A classic that needs updating: fresh vulnerabilities in the software of Siemens SCALANCE X switchesDoS vulnerabilities have been disclosed in the integrated web server of Siemens SCALANCE X-200 / X-200IRT / X-300 switches. Measures proposed by the vendor do not prevent all possible attacks.
23 November 2020
First things first: Kaspersky ICS CERT becomes new member of the global Forum of Incident Response and Security Teams (FIRST)After rigorous assessment, Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) has officially joined FIRST – the global Forum of Incident Response and Security Teams.
Filter
5
Apr 2019
Cybersecurity Insight – MIT workshops in partnership with Kaspersky Lab
MIT held Cybersecurity Insight, providing presentations, practical workshops and an ICS CTF in partnership with Kaspersky Lab
31
Jan 2019
Kaspersky Lab has taken part in S4x19 Industrial Cybersecurity Conference
Kaspersky Lab presented its latest findings on CoDeSys Runtime vulnerabilities at the S4x19 conference, in what was a successful debut among competing industrial cybersecurity vendors
14
Dec 2018
Kaspersky Lab and Fraunhofer IOSB conduct another joint training
Another two-day course “Advanced Industrial Cybersecurity in Practice” was held in Germany. The course included theoretical sections followed by live demonstrations and exercises. An international group of participants left positive feedback
29
Nov 2018
Kaspersky Industrial CTF 2018 Qualifications Results
The online qualifications round for Kaspersky Industrial CTF 2018 took place on November 23-24. Over 1,000 teams registered with 130 eventually scoring points. The top 4 teams will participate in the finals
27
Nov 2018
Kaspersky Lab ICS CERT Hands-on: IoT vulnerability research and exploitation training
Kaspersky Lab ICS CERT is conducting a practical course in IoT vulnerability research. This class provides a deep dive into hardware analysis, firmware extraction and analysis, vulnerability research and exploitation.
19
Nov 2018
RATs – are they Useful or Dangerous for your ICS
In October 2018, Vyacheslav Kopeytsev, Security Researcher, Critical Infrastructure Threat Analysis, spoke at MALCON 2018, the 13th IEEE International Conference on Malicious and Unwanted Software, held this year in Massachusetts, USA.
23
Oct 2018
Kaspersky Lab challenges whitehats to find flaws in IoT devices, in Capture the Flag competition
Kaspersky Lab is launching the fourth international industrial Capture the Flag (CTF) security competition and inviting ethical hackers (whitehats) from across the world to test the security of smart devices and industrial systems
15
Oct 2018
Opportunities and challenges in digital transformation: sixth industrial cybersecurity conference organized by Kaspersky Lab
The sixth conference on industrial cybersecurity organized by Kaspersky Lab was held on September 19-21 in Sochi, Russia. This year’s theme was ‘Industrial cybersecurity: opportunities and challenges in digital transformation’.
10
Oct 2018
Bridging the ICS cybersecurity awareness gap: webinar by Kaspersky Lab & Fraunhofer IOSB
On October 16, Kaspersky Lab and Fraunhofer IOSB are hosting a joint webinar to highlight the importance of ICS cybersecurity education and present a new ICS cybersecurity training course
8
Oct 2018
First joint training by Kaspersky Lab and Fraunhofer IOSB
On September 26 – 27, 2018 Kaspersky Lab ICS CERT and Fraunhofer IOSB conducted their first “Advanced Industrial Cybersecurity in Practice” joint training course