24 April 2020
Threat landscape for industrial automation systems. APT attacks on industrial companies in 2019Overview of APT attacks on industrial enterprises information on which was published in 2019.
Filter
24 April 2020
Threat landscape for industrial automation systems. Vulnerabilities identified in 2019The analysis of vulnerabilities was performed based on vendor advisories, publicly available information from open vulnerability databases (US ICS-CERT, CVE, Siemens Product CERT), as well as the results of Kaspersky ICS CERT’s own research.
24 April 2020
Threat landscape for industrial automation systems. 2019 Report at a glanceMalicious objects were blocked on 46.6% and ransomware on 1.0% of ICS computers. Kaspersky ICS CERT identified 103 vulnerabilities in industrial systems, IIoT/IoT systems, and other types of solutions.
26 March 2020
WildPressure targets industrial-related entities in the Middle EastWe found just three almost unique samples, all in one country. So we consider the attacks to be targeted and have currently named this operation WildPressure.
02 December 2019
Biometric data processing and storage system threatsThe findings of our research can be used to make a more objective assessment of risks associated with using modern biometric authentication systems.
22 November 2019
VNC vulnerability researchFindings of research on different implementations of the VNC remote access system. Memory corruption vulnerabilities were found, some of which, if exploited, could lead to remote code execution.
30 September 2019
Threat landscape for industrial automation systems, H1 2019Descriptions of dangerous threats, our findings from analyzing statistics on blocked threats, and possible vectors of malware penetration of ICS computers.
19 September 2019
Threat landscape for smart buildings. H1 2019 in briefWhat threats are relevant to building automation systems and what malware their owners have encountered in the first six months of 2019.
18 September 2019
Security research: CODESYS Runtime, a PLC control framework. Part 3This article continues the discussion of research on popular OEM technologies that are implemented in the products of a large number of vendors. Vulnerabilities in such technologies are highly likely to affect the security of many, if not all, products that use them. In some cases, this means hundreds of products that are used in industrial environments and in critical infrastructure facilities. This is the case with CODESYS Runtime, a framework by CODESYS designed for developing and executing industrial control system software.
18 September 2019
Security research: CODESYS Runtime, a PLC control framework. Part 2This article continues the discussion of research on popular OEM technologies that are implemented in the products of a large number of vendors. Vulnerabilities in such technologies are highly likely to affect the security of many, if not all, products that use them. In some cases, this means hundreds of products that are used in industrial environments and in critical infrastructure facilities. This is the case with CODESYS Runtime, a framework by CODESYS designed for developing and executing industrial control system software.
Filter
09 June 2018
Serious vulnerability in RSLinx Classic and FactoryTalk Linx Gateway by Rockwell AutomationA serious vulnerability has been identified in Rockwell Automation solutions for industrial networks RSLinx Classic and FactoryTalk Linx Gateway
05 June 2018
Critical vulnerability in Yokogawa STARDOM controllersHardcoded credentials have been identified in Yokogawa STARDOM controllers, potentially leading to remote execution of arbitrary code on affected devices
29 May 2018
Multiple vulnerabilities in Schneider Electric Floating License ManagerDangerous vulnerabilities have been identified in the Schneider Electric Floating License Manager platform.
28 May 2018
VPNFilter malware can be used to detect SCADA equipmentCisco Talos researchers have detected new malware, which has been dubbed VPNFilter. To date, the malware has infected at least 500,000 routers and network-attached storage (NAS) devices in 54 countries of the world.
28 May 2018
Serious vulnerabilities in TELEM-GW6/GWM data concentratorsVulnerabilities in Martem TELEM-GW6/GWM data concentrators could enable remote attackers to gain control of the industrial process, cause denial of service and execute arbitrary code
23 May 2018
Serious vulnerability fixed in PACSystems industrial controllersA serious improper data validation vulnerability has been closed in some models of PACSystems industrial controllers. Exploitation of the vulnerability could cause affected devices to malfunction
23 May 2018
Dangerous vulnerabilities identified in FL SWITCH industrial Ethernet switchesCritical vulnerabilities have been identified in FL SWITCH series 3xxx, 4xxx and 48xxx industrial Ethernet switches. Updating the firmware of the switches to version 1.34 or higher is recommended to eliminate these vulnerabilities
22 May 2018
OPC Foundation Consortium comments on Kaspersky Lab’s OPC UA security analysis reportThe OPC Foundation has published an official response to Kaspersky Lab’s analysis
18 May 2018
DoS vulnerability in SIMATIC S7-400 controllersA hardware vulnerability in SIMATIC S7-400 CPUs could cause denial-of-service conditions of affected PLCs. Exploitation of the vulnerability does not require user interaction or any privileges
17 May 2018
Multiple vulnerabilities closed in Advantech WebAccessMultiple serious vulnerabilities have been closed in Advantech’s WebAccess SCADA/HMI solution. Their exploitation could lead to sensitive information disclosure, arbitrary code execution and file deletion.
Filter