First things first: Kaspersky ICS CERT becomes new member of the global Forum of Incident Response and Security Teams (FIRST)
After rigorous assessment, Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) has officially joined FIRST – the global Forum of Incident Response and Security Teams.
ENISA publishes guidelines for securing internet of things supply chain
The European Union Agency for Cybersecurity (ENISA) has published its guidelines for securing the internet of things supply chain. Kaspersky ICS CERT experts were among the contributors to the development effort.
Municipal services at Canadian City of Saint John down due to cyberattack
Attack by Ryuk ransomware disrupts nearly all municipal services in Canadian city of Saint John
Multiple vulnerabilities in EcoStruxure Operator Terminal Expert
Vulnerabilities that can lead to unsanctioned account access or remote code execution.
Dangerous vulnerabilities in Emerson OpenEnterprise
Kaspersky ICS CERT has discovered vulnerabilities that may allow threat actors to modify configuration files, execute arbitrary code remotely or access user passwords.
Cyber incidents in industrial enterprises during the first half of May: Stadler, Elexon, BlueScope
Victims included a railway stock manufacturer, an electric utility company and a steel producer. One incident brought operations to a halt
Multiple vulnerabilities in ABB 800xA DCS
The vulnerabilities could allow attackers to remotely compromise hosts, cause denial-of-service conditions or elevate their privileges
Targeted attacks on Israeli water supply and wastewater treatment facilities
Israeli authorities have warned of possible attacks on SCADA systems of wastewater treatment, water pumping and sewerage facilities
Malicious campaigns against Azerbaijan’s government and industrial organizations
The attackers use PoetRAT, a new RAT Trojan distributed via Microsoft Word documents
Dozens of Siemens industrial devices are affected by DoS vulnerabilities
Siemens industrial solutions are affected by SegmentSmack and FragmentSmack vulnerabilities, which could lead to device denial of service