Filter
27 June 2022
Attacks on industrial control systems using ShadowPadA previously unknown Chinese-speaking threat actor attacking telecommunications, manufacturing, and transport organizations in several Asian countries. The group exploits MS Exchange vulnerability to deploy ShadowPad malware and infiltrates building automation systems of one of the victims.
23 May 2022
ISaPWN – research on the security of ISaGRAF RuntimeThis report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified.
03 March 2022
Threat landscape for industrial automation systems. Statistics for H2 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
28 February 2022
APT attacks on industrial companies in H2 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H2 2021.
19 January 2022
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networksTargets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.
30 December 2021
Log4Shell at industrial enterprisesAlthough it is still difficult to say to what extent vulnerable ICS systems are exposed to potential attacks, we hope that, unlike IT infrastructures, most vulnerable OT systems cannot accept inputs coming from untrusted sources.
16 December 2021
PseudoManuscrypt: a mass-scale spyware attack campaignKaspersky products blocked PseudoManuscrypt on more than 35,000 computers in 195 countries of the world. Targets of attacks include a significant number of industrial and government organizations, including enterprises in the military-industrial complex and research laboratories.
23 November 2021
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.
26 October 2021
APT attacks on industrial organizations in H1 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H1 2021.
09 September 2021
Threat landscape for industrial automation systems. Statistics for H1 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
Filter
Filter
28 May 2020
Multiple vulnerabilities in EcoStruxure Operator Terminal ExpertVulnerabilities that can lead to unsanctioned account access or remote code execution.
28 May 2020
Dangerous vulnerabilities in Emerson OpenEnterpriseKaspersky ICS CERT has discovered vulnerabilities that may allow threat actors to modify configuration files, execute arbitrary code remotely or access user passwords.
20 May 2020
Cyber incidents in industrial enterprises during the first half of May: Stadler, Elexon, BlueScopeVictims included a railway stock manufacturer, an electric utility company and a steel producer. One incident brought operations to a halt
30 April 2020
Multiple vulnerabilities in ABB 800xA DCSThe vulnerabilities could allow attackers to remotely compromise hosts, cause denial-of-service conditions or elevate their privileges
29 April 2020
Targeted attacks on Israeli water supply and wastewater treatment facilitiesIsraeli authorities have warned of possible attacks on SCADA systems of wastewater treatment, water pumping and sewerage facilities
24 April 2020
Malicious campaigns against Azerbaijan’s government and industrial organizationsThe attackers use PoetRAT, a new RAT Trojan distributed via Microsoft Word documents
17 April 2020
Dozens of Siemens industrial devices are affected by DoS vulnerabilitiesSiemens industrial solutions are affected by SegmentSmack and FragmentSmack vulnerabilities, which could lead to device denial of service
17 April 2020
New ransomware attacks on industrial enterprisesIn new ransomware attacks, victims face the choice between paying the ransom and seeing their sensitive data published by the attackers
13 April 2020
Multiple vulnerabilities in Advantech WebAccess/NMSIf exploited, the vulnerabilities could lead to arbitrary code execution, file manipulations, denial of service and the creation of an admin account
03 April 2020
Threat actor behind Ruyk malware continues attacks on medical facilities despite epidemicIn the past month, 10 more hospitals have fallen victim to Ryuk attacks in the US