Filter
15 June 2017
Nigerian phishing: industrial companies under attackIn late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors.
28 March 2017
Threat Landscape for Industrial Automation Systems in the second half of 2016The Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is starting a series of regular publications about our research devoted to the threat landscape for industrial organizations.
09 December 2016
Vulnerability in Industrial Control software and quality of the patch managementKaspersky Lab ICS-CERT is launching a series of articles devoted to vulnerability analysis across the world. The articles aim to highlight patch management problems in the ICS world. Each article will focus on one popular ICS vendor and known vulnerabilities according to the MITRE Common Vulnerabilities and Exposures (CVE) database.
02 December 2016
Critical infrastructure protection – governance around the worldThis research is intended to find out which approaches to cybersecurity governance on the national level are currently in place around the world (especially in the sphere of protecting critical infrastructure against cyberattacks), and estimate the current maturity of cybersecurity governance in different countries.
Filter
29 May 2018
Multiple vulnerabilities in Schneider Electric Floating License ManagerDangerous vulnerabilities have been identified in the Schneider Electric Floating License Manager platform.
28 May 2018
VPNFilter malware can be used to detect SCADA equipmentCisco Talos researchers have detected new malware, which has been dubbed VPNFilter. To date, the malware has infected at least 500,000 routers and network-attached storage (NAS) devices in 54 countries of the world.
28 May 2018
Serious vulnerabilities in TELEM-GW6/GWM data concentratorsVulnerabilities in Martem TELEM-GW6/GWM data concentrators could enable remote attackers to gain control of the industrial process, cause denial of service and execute arbitrary code
23 May 2018
Serious vulnerability fixed in PACSystems industrial controllersA serious improper data validation vulnerability has been closed in some models of PACSystems industrial controllers. Exploitation of the vulnerability could cause affected devices to malfunction
23 May 2018
Dangerous vulnerabilities identified in FL SWITCH industrial Ethernet switchesCritical vulnerabilities have been identified in FL SWITCH series 3xxx, 4xxx and 48xxx industrial Ethernet switches. Updating the firmware of the switches to version 1.34 or higher is recommended to eliminate these vulnerabilities
22 May 2018
OPC Foundation Consortium comments on Kaspersky Lab’s OPC UA security analysis reportThe OPC Foundation has published an official response to Kaspersky Lab’s analysis
18 May 2018
DoS vulnerability in SIMATIC S7-400 controllersA hardware vulnerability in SIMATIC S7-400 CPUs could cause denial-of-service conditions of affected PLCs. Exploitation of the vulnerability does not require user interaction or any privileges
17 May 2018
Multiple vulnerabilities closed in Advantech WebAccessMultiple serious vulnerabilities have been closed in Advantech’s WebAccess SCADA/HMI solution. Their exploitation could lead to sensitive information disclosure, arbitrary code execution and file deletion.
26 April 2018
Vulnerabilities in Advantech WebAccess HMI DesignerDangerous vulnerabilities have been identified in Advantech WebAccess HMI Designer. Their exploitation could lead to remote code execution
19 April 2018
Vulnerabilities in Rockwell Automation industrial networking solutionsCritical vulnerabilities have been identified in several Rockwell Automation industrial networking devices. The issue is due to Cisco IOS or IOS XE versions with multiple vulnerabilities being used in these devices
Filter