31 January 2024
ICS and OT threat predictions for 2024Most of the described trends have been observed before. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscape
Filter
31 January 2024
ICS and OT threat predictions for 2024Most of the described trends have been observed before. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscape
18 October 2023
Updated MATA attacks industrial companies in Eastern EuropeKaspersky experts discovered several detections of malware from the MATA cluster, previously attributed to the Lazarus group, compromising defense contractor companies in Eastern Europe.
05 October 2023
H1 2023 – a brief overview of main incidents in industrial cybersecurityIn this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.
25 September 2023
APT and financial attacks on industrial organizations in H1 2023An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities
13 September 2023
Threat landscape for industrial automation systems. Statistics for H1 2023The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
10 August 2023
Common TTPs of attacks against industrial organizations. Implants for uploading dataIn this part we present information on the four types of implants and two tools used during the last (third) stage of the attacks discovered.
31 July 2023
Common TTPs of attacks against industrial organizations. Implants for gathering dataThis part of the research is devoted to second stage malware used to gather data on infected systems of industrial organizations.
20 July 2023
Common TTPs of attacks against industrial organizations. Implants for remote accessIn this article (which is the first part of the report) we analyze common TTPs of implants used by threat actors to establish a persistent remote access channel into the infrastructure of industrial organizations.
24 March 2023
APT attacks on industrial organizations in H2 2022This summary provides an overview of APT attacks on industrial enterprises and activity of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
15 March 2023
H2 2022 – brief overview of main incidents in industrial cybersecurityIn this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.
Filter
01 October 2019
Vulnerability in Cisco IOS and IOS XE affecting industrial routersAffected devices include Cisco 800 Series industrial routers and Cisco 1000 Series Connected Grid Routers (CGR 1000)
01 October 2019
Cyberattack on Rheinmetall technology groupA malware attack has disrupted production at Rheinmetall Group plants in three countries. The company expects it to take 2 to 4 weeks to eliminate the disruption
11 September 2019
Multiple vulnerabilities identified in Red Lion Controls Crimson softwareSuccessful exploitation of the vulnerabilities could allow an attacker to execute arbitrary code, crash the device or view protected data
11 September 2019
Software vulnerabilities in EZ Touch Editor and EZ PLC EditorExploitation of the vulnerabilities could lead to remote code execution
29 August 2019
State of Industrial Cybersecurity: survey by Kaspersky and ARC Advisory GroupARC Advisory Group and Kaspersky have presented a survey on the state of industrial cybersecurity in 2019
16 August 2019
Industrial Internet Consortium will support Kaspersky Industrial Cybersecurity Conference 2019 as Association PartnerIndustrial Internet Consortium will take part in the Kaspersky Industrial Cybersecurity Conference 2019 in Sochi as an Association Partner. Don't miss the IIC delegate's presentation!
26 July 2019
Vulnerabilities fixed in Mitsubishi Electric FR Configurator2The vulnerabilities could allow an attacker to read arbitrary files or cause a denial-of-service condition
16 July 2019
Dangerous vulnerabilities in Siemens TIA Administrator, SIMATIC WinCC and PCS7Vulnerabilities can lead to a denial-of-service condition and command execution without proper authentication
16 July 2019
Dangerous vulnerability in the IGSS systemThe vulnerability could allow an attacker to force the software to crash or to execute arbitrary code
16 July 2019
Multiple vulnerabilities in Schneider Electric Floating License ManagerIn addition to Schneider Electric, security issues affect products from AVEVA Vijeo Citect and Citect SCADA
Filter