08 September 2022
H1 2022 – a brief overview of the main incidents in industrial cybersecurityEvents in the cybersecurity world, including ICS, were intense in H1 2022.
Filter
08 September 2022
Threat landscape for industrial automation systems. Statistics for H1 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
08 August 2022
Targeted attack on industrial enterprises and public institutionsThe attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.
06 July 2022
Dynamic analysis of firmware components in IoT devicesFirmware analysis is an essential part of security research and targeted search for vulnerabilities in IoT products. This article examines conventional methods of dynamic analysis and some less obvious methods.
27 June 2022
Attacks on industrial control systems using ShadowPadA previously unknown Chinese-speaking threat actor attacking telecommunications, manufacturing, and transport organizations in several Asian countries. The group exploits MS Exchange vulnerability to deploy ShadowPad malware and infiltrates building automation systems of one of the victims.
23 May 2022
ISaPWN – research on the security of ISaGRAF RuntimeThis report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified.
03 March 2022
Threat landscape for industrial automation systems. Statistics for H2 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
28 February 2022
APT attacks on industrial companies in H2 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H2 2021.
19 January 2022
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networksTargets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.
30 December 2021
Log4Shell at industrial enterprisesAlthough it is still difficult to say to what extent vulnerable ICS systems are exposed to potential attacks, we hope that, unlike IT infrastructures, most vulnerable OT systems cannot accept inputs coming from untrusted sources.
Filter
02 October 2018
Critical vulnerabilities in Emerson AMS Device ManagerExploitation of vulnerabilities in Emerson AMS Device Manager, an industrial asset control system, could allow arbitrary code execution and malware injection
20 September 2018
Dangerous vulnerabilities in Siemens industrial solutionsNewly identified vulnerabilities affect SIMATIC WinCC OA HMI system, SCALANCE X switches and TD Keypad Designer tool
12 September 2018
Schneider Electric products shipped with infected USB mediaUSB media infected with malware were shipped with Conext ComBox and Conext Battery Monitor products
11 September 2018
Buffer overflow vulnerabilities in industrial automation products by Opto22The vulnerability affects PAC Control Basic and PAC Control Professional version R10.0а and earlier and could allow arbitrary code execution
31 August 2018
Vulnerabilities in Schneider Electric industrial devicesNew vulnerabilities have been identified in Schneider Electric PM5560 power meter and Modicon M221 logic controller
22 August 2018
Princeton University researchers: causing power outages with IoT botnetA study has been published on the ways in which high-wattage smart devices could be used in attacks on the power grid
22 August 2018
Multiple vulnerabilities in Emerson DeltaV DCS industrial workstationsCritical vulnerabilities in industrial PCs used by Emerson’s DeltaV distributed control system could allow arbitrary code execution, malware injection or malware propagation to other workstations
06 August 2018
APT group called RASPITE attacks industrial enterprisesDragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group identified earlier by Symantec
06 August 2018
The Third Specialized Conference “IT Security for Industrial Systems” in FrankfurtOn November 12 – 13 the Third Specialized Conference “IT Security for Industrial Systems” will be held in Frankfurt.
03 August 2018
Critical vulnerabilities in WECON LeviStudioUBuffer overflow vulnerabilities in WECON LeviStudioU could allow remote code execution.
Filter