31 July 2023
Common TTPs of attacks against industrial organizations. Implants for gathering data
This part of the research is devoted to second stage malware used to gather data on infected systems of industrial organizations.
20 July 2023
Common TTPs of attacks against industrial organizations. Implants for remote access
In this article (which is the first part of the report) we analyze common TTPs of implants used by threat actors to establish a persistent remote access channel into the infrastructure of industrial organizations.
24 March 2023
APT attacks on industrial organizations in H2 2022
This summary provides an overview of APT attacks on industrial enterprises and activity of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
15 March 2023
H2 2022 – brief overview of main incidents in industrial cybersecurity
In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.
06 March 2023
Threat landscape for industrial automation systems. Statistics for H2 2022
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
22 November 2022
ICS cyberthreats in 2023 – what to expect
Cybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. Below we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision.
20 October 2022
Digital twins and ensuring the cybersecurity of enterprises. Oil and gas industry
In modern technology-intensive production, IT and large-scale digitalization, and therefore new cybersecurity technologies, are essential to remaining competitive, reducing costs associated with maintaining the existing infrastructure, and increasing net profits.
29 September 2022
The secrets of Schneider Electric’s UMAS protocol
The UMAS protocol, in its implementation prior to the version in which the CVE-2021-22779 vulnerability was fixed, had significant shortcomings that had a critical effect on the security of control systems based on Schneider Electric controllers.
08 September 2022
H1 2022 – a brief overview of the main incidents in industrial cybersecurity
Events in the cybersecurity world, including ICS, were intense in H1 2022.
08 September 2022
Threat landscape for industrial automation systems. Statistics for H1 2022
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
11 June 2019
Dangerous vulnerability fixed in Cisco Industrial Network Director
The vulnerability could be used by an authenticated, remote attacker to execute arbitrary code on devices running vulnerable software
10 June 2019
Multiple vulnerabilities in Optergy Proton/Enterprise building management system
If successfully exploited, the vulnerabilities could allow an attacker to execute code remotely and gain full system access
20 May 2019
Critical vulnerabilities identified by Kaspersky Lab have been corrected in Siemens SIMATIC WinCC and SIMATIC PCS 7
Multiple vulnerabilities could lead to arbitrary code and command execution on a target system and a denial-of-service condition
22 March 2019
Metallurgical giant Norsk Hydro attacked by encrypting malware
On March 19, 2019, Norsk Hydro, one of the world’s largest aluminum producers, revealed that ransomware had been used in an attack against them.
15 January 2019
Vulnerabilities in Schneider Electric industrial solutions
Critical and severe vulnerabilities have been identified in GP-Pro EX programming environment, Zelio Soft software and IIoT Monitor platform
14 December 2018
Critical vulnerabilities in Siemens SINUMERIK controllers
Exploitation of vulnerabilities in Siemens SINUMERIK controllers could allow remote code execution, privilege escalation and device denial-of-service conditions
11 December 2018
IoT Security in the ‘Smart Manufacturing’ world: a new study by ENISA
ENISA has released a new study: “Good Practices for Security of Internet of Things in the context of Smart Manufacturing”. Kaspersky Lab ICS CERT experts contributed to the study.
23 November 2018
Critical vulnerability in Modicon M221 PLC
A critical vulnerability in Modicon M221 PLC could allow attackers to intercept traffic by remotely changing IPv4 parameters
16 November 2018
Web vulnerabilities in Siemens SIMATIC operator panels
The most serious of the vulnerabilities could allow arbitrary files to be downloaded from the device
16 November 2018
Vulnerabilities in Siemens industrial products
The most dangerous of the vulnerabilities affect the SIMATIC S7-400 CPU family and the SIMATIC IT Production Suite software package. The vulnerabilities have been fixed for most of the affected products