20 September 2018
Threats posed by using RATs in ICSThe paper provides an analysis of the prevalence of remote administration tools on OT networks and the threats associated with their use.
Filter
06 September 2018
Threat landscape for industrial automation systems: H1 2018In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018.
01 August 2018
Attacks on industrial enterprises using RMS and TeamViewerThe malware used in these attacks installs legitimate remote administration software – TeamViewer or RMS – on the system. This enables the attackers to gain remote control of infected systems.
28 June 2018
The State of Industrial Cybersecurity 2018: findings of joint survey by Kaspersky Lab and PACKaspersky Lab has published the results of The State of Industrial Cybersecurity study carried out in collaboration with PAC, a CXP Group Company, and based on a survey of 320 professionals representing companies from such sectors as manufacturing and industrial production, energy, mining, transport, and logistics.
10 May 2018
OPC UA security analysisThis paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common.
23 April 2018
Energetic Bear / Crouching Yeti: attacks on serversThis report by Kaspersky Lab ICS CERT presents information on identified servers that have been infected and used by the group. The report also includes the findings of an analysis of several webservers compromised by the Energetic Bear group during 2016 and in early 2017.
26 March 2018
Threat Landscape for Industrial Automation Systems in H2 2017In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017.
12 March 2018
Somebody’s watching! When cameras are more than just ‘smart’The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses.
28 February 2018
IoT hack: how to break a smart home… againThere can never be too many IoT gadgets – that’s what people usually think when buying yet another connected device with advanced functionality. From our perspective, we also think there can’t be too many IoT investigations.
07 February 2018
Gas is too expensive? Let’s make it cheap!A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical security threat.
Filter
30 March 2018
Critical vulnerability closed in TIM 1531 IRC modulesSiemens has released a new firmware version for TIM 1531 IRC communication modules to close a critical vulnerability in these modules. If exploited, this vulnerability could lead to unauthorized changes in the module’s configuration and a denial of service condition
30 March 2018
New vulnerabilities in Allen Bradley MicroLogix 1400 PLCsSerious vulnerabilities have been closed in Allen Bradley MicroLogix 1400 PLC series. Exploitation of these vulnerabilities could lead to unauthorized modification of PLC configuration and cause the devices to enter a denial-of-service condition
29 March 2018
Multiple vulnerabilities identified in the Modicon family of industrial controllersUS CERT has published an advisory on vulnerabilities in the Modicon family of industrial controllers by Schneider Electric.
26 March 2018
Improper Input Validation vulnerability in Siemens industrial devicesA vulnerability that could cause a denial-of-service condition has been identified in Siemens industrial solutions. The vulnerability can only be exploited if the attacker is located in the same Ethernet segment as the targeted device
26 March 2018
Serious vulnerability identified in Beckhoff TwinCAT PLC software solutionVulnerability in kernel drivers of Beckhoff TwinCAT 2 and 3.1 PLC software solutions for PLCs could allow local attackers to escalate privileges on target systems
01 March 2018
Siemens industrial solutions are affected by vulnerabilities in Intel ME, SPS and TXE technologies28 industrial solutions by Siemens are affected by vulnerabilities in Intel ME, SPS and TXE technologies. The vendor has released patches for all of these products and made these patches available on its website
27 February 2018
OMG botnet turns infected devices into proxy serversA new variant of the Mirai botnet can set up proxy servers on infected IoT devices
22 February 2018
3.3% of ICS computers attacked by miners during the past yearKaspersky Lab has recorded an increase in the number of attacks involving cryptocurrency miners on the infrastructure of industrial enterprises, which started in September 2017. Miners can interfere with industrial process control and threaten process stability.
22 February 2018
Vulnerabilities in GE D60 Line Distance Relay devicesCritical vulnerabilities have been identified in General Electric D60 Line Distance Relay devices. The vulnerabilities could allow attackers to execute code on vulnerable systems.
22 February 2018
Critical vulnerability in WAGO PFC200 controllers closedWAGO has closed a critical vulnerability (improper authentication) in its PFC200 Series PLCs.
Filter