02 December 2020
ICS threat predictions for 2021
We present our vision of what challenges industrial cybersecurity will soon be (or already is) facing, and what to expect from cybercriminals in 2021.
05 November 2020
Attacks on industrial enterprises using RMS and TeamViewer: new data
The attacks use remote administration utilities whose graphical user interface is hidden by the malware, enabling the attackers to control the infected system without the user’s knowledge.
19 October 2020
Practical example of fuzzing OPC UA applications
We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available. We also discuss an example of fuzzing using libfuzzer.
13 October 2020
What it feels like for a turbine
The goal of the article is to raise awareness of the security of Distributed Control Systems (DCS) and to propose an assessment methodology and a remediation strategy. Defenders are always behind attackers, and this publication is trying to balance things out.
08 October 2020
MontysThree: Industrial espionage with steganography and a Russian accent on both sides
In Summer 2020 we uncovered a previously unknown multi-module C++ toolset used in highly targeted industrial espionage attacks dating back to 2018.
24 September 2020
Threat landscape for industrial automation systems. H1 2020
The percentage of computers attacked globally is decreasing. At the same time, threats are becoming more localized, more focused, and, as a result, more diverse and sophisticated.
15 September 2020
The State of Industrial Cybersecurity 2020
In 2020 ARC Advisory Group on behalf of Kaspersky conducted a survey on the state of industrial cybersecurity, as well as the current priorities and challenges of industrial organizations. More than 330 industrial companies and organizations across the globe were surveyed online and 10 industry representatives were interviewed at trade fairs and ARC forums worldwide.
31 August 2020
Cyberthreats for ICS in Energy in Europe. Q1 2020
In Q1 2020 in Europe, Kaspersky products were triggered on 20.4% of ICS computers in the energy sector. A total of 1,485 malware modifications from 633 different families were blocked.
17 June 2020
Steganography in attacks on industrial enterprises (updated)
Kaspersky ICS CERT has identified a series of attacks targeting, among others, organizations in various industrial sectors. Victims include suppliers of equipment and software for industrial enterprises.
30 April 2020
Overview of recommendations on organizing secure remote work for critical infrastructure and other facilities
Do security issues associated with working remotely affect critical infrastructure enterprises? Should organizations take additional protective measures? A view of regulators in the area of information security.
24 July 2018
Buffer overflow vulnerabilities in AVEVA HMI solutions
Vulnerabilities in HMI solutions InduSoft Web Studio, InTouch Machine Edition and InTouch could allow remote code execution and cause systems to be compromised.
23 July 2018
Dangerous vulnerability fixed in Moxa NPort serial network interface devices
A vulnerability in Moxa NPort 5210, 5230 and 5232 devices could allow a remote attacker to cause a resource exhaustion condition.
19 July 2018
Dangerous vulnerability identified in ABB Panel Builder 800 engineering software
A vulnerability in Panel Builder 800 engineering software installed on ABB Panel 800 HMI devices could enable attackers to plant and execute arbitrary code on affected devices.
17 July 2018
Multiple vulnerabilities fixed in WAGO operator panels
WAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMA devices. Exploitation of these vulnerabilities could enable attackers to execute arbitrary code or overwrite critical files.
17 July 2018
DoS vulnerabilities in SIPROTEC 5 relays and EN100 communication module
DoS vulnerabilities have been identified in Siemens SIPROTEC 5 relays and the EN100 communication module. These vulnerabilities can be exploited by a remote attacker without requiring any privileges or user interaction.
09 July 2018
Multiple vulnerabilities in Allen-Bradley Stratix 5950 appliances
Allen-Bradley Stratix 5950 network security appliances are affected by multiple vulnerabilities. The flaws, which are due to security issues in the Cisco ASA operating system used in the devices, could cause the appliances to malfunction.
27 June 2018
Vulnerability in Delta Industrial Automation COMMGR software
A buffer overflow vulnerability in Delta Industrial Automation COMMGR software could lead to remote code execution, cause the application to crash, or cause a denial-of-service condition in the application server.
27 June 2018
DoS vulnerability in Allen-Bradley CompactLogix and Compact GuardLogix controllers
Remote attackers could cause a denial-of-service condition in Allen-Bradley CompactLogix and Compact GuardLogix controllers by exploiting a vulnerability in these devices.
26 June 2018
Cyberattack on satellite communications companies
In a cyberattack on organizations in the US and Southeast Asia, hackers have used legitimate tools to infect systems that monitor and control communications satellites.
19 June 2018
Dangerous vulnerabilities fixed in Siemens routers and switches
Siemens has closed serious vulnerabilities in its solutions. Affected devices include SCALANCE M875 industrial routers and SCALANCE X switches.