26 October 2021
APT attacks on industrial organizations in H1 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H1 2021.
Filter
09 September 2021
Threat landscape for industrial automation systems. Statistics for H1 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
21 May 2021
DarkChronicles: the consequences of the Colonial Pipeline attackThis article began as an overview of the Colonial Pipeline incident. However, the events unfolded so rapidly that the scope of the publication has gone beyond a single incident.
07 April 2021
Vulnerability in FortiGate VPN servers is exploited in Cring ransomware attacksAn incident investigation conducted by Kaspersky ICS CERT experts at one of the attacked enterprises revealed that attacks of the Cring ransomware exploit a vulnerability in FortiGate VPN servers.
29 March 2021
APT attacks on industrial companies in 2020Overview of APT attacks on industrial enterprises information on which was published in 2020.
25 March 2021
Threat landscape for industrial automation systems. Statistics for H2 2020The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
17 March 2021
Threat landscape for the ICS engineering and integration sector. 2020The threat landscape for computers in the ICS engineering and integration sector varies depending on a computer’s environment, including its geographical location, ability to access external networks and services, and user behavior.
25 February 2021
Lazarus targets defense industry with ThreatNeedleIn mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.
26 January 2021
SunBurst industrial victimsHow many industrial organizations had installed backdoored SolarWinds versions? We present the results of our analysis.
02 December 2020
ICS threat predictions for 2021We present our vision of what challenges industrial cybersecurity will soon be (or already is) facing, and what to expect from cybercriminals in 2021.
Filter
24 July 2018
Buffer overflow vulnerabilities in AVEVA HMI solutionsVulnerabilities in HMI solutions InduSoft Web Studio, InTouch Machine Edition and InTouch could allow remote code execution and cause systems to be compromised
23 July 2018
Dangerous vulnerability fixed in Moxa NPort serial network interface devicesA vulnerability in Moxa NPort 5210, 5230 and 5232 devices could allow a remote attacker to cause a resource exhaustion condition
19 July 2018
Dangerous vulnerability identified in ABB Panel Builder 800 engineering softwareA vulnerability in Panel Builder 800 engineering software installed on ABB Panel 800 HMI devices could enable attackers to plant and execute arbitrary code on affected devices
17 July 2018
Multiple vulnerabilities fixed in WAGO operator panelsWAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMA devices. Exploitation of these vulnerabilities could enable attackers to execute arbitrary code or overwrite critical files
17 July 2018
DoS vulnerabilities in SIPROTEC 5 relays and EN100 communication moduleDoS vulnerabilities have been identified in Siemens SIPROTEC 5 relays and the EN100 communication module. These vulnerabilities can be exploited by a remote attacker without requiring any privileges or user interaction
09 July 2018
Multiple vulnerabilities in Allen-Bradley Stratix 5950 appliancesAllen-Bradley Stratix 5950 network security appliances are affected by multiple vulnerabilities. The flaws, which are due to security issues in the Cisco ASA operating system used in the devices, could cause the appliances to malfunction
27 June 2018
Vulnerability in Delta Industrial Automation COMMGR softwareA buffer overflow vulnerability in Delta Industrial Automation COMMGR software could lead to remote code execution, cause the application to crash, or cause a denial-of-service condition in the application server
27 June 2018
DoS vulnerability in Allen-Bradley CompactLogix and Compact GuardLogix controllersRemote attackers could cause a denial-of-service condition in Allen-Bradley CompactLogix and Compact GuardLogix controllers by exploiting a vulnerability in these devices
26 June 2018
Cyberattack on satellite communications companiesIn a cyberattack on organizations in the US and Southeast Asia, hackers have used legitimate tools to infect systems that monitor and control communications satellites
19 June 2018
Dangerous vulnerabilities fixed in Siemens routers and switchesSiemens has closed serious vulnerabilities in its solutions. Affected devices include SCALANCE M875 industrial routers and SCALANCE X switches
Filter