Filter
04 September 2025
APT and financial attacks on industrial organizations in Q2 2025Spreading from a compromised organization to its peers with hijacked emails, using the ClickFix social engineering method – non-trivial tactics and techniques were reported this quarter.
21 August 2025
Modern vehicle cybersecurity trendsWhy cyberattacks on vehicles have not yet become a widespread phenomenon, what are the consequences of turning a car into a gadget and which ones are at risk
17 July 2025
Faults in digital avionics systems threaten flight safetyKaspersky experts analyze aviation incidents and accidents caused by failures of digital avionics systems and warn of potential cyberattack risks
26 June 2025
A brief overview of the main incidents in industrial cybersecurity. Q1 2025The attack on Kuala Lumpur airport, which knocked out many of its information systems for 10 hours, plus over 100 more incidents.
19 June 2025
APT and financial attacks on industrial organizations in Q1 2025Using polyglot files, involving the 7-Zip vulnerability and the 0-click vulnerability in MS Windows – there are some interesting details of attacks on industrial enterprises disclosed at this quarter.
10 June 2025
Threat landscape for industrial automation systems. Regions, Q1 2025The internet ranks first among threat sources in all regions. The problem is particularly relevant to Africa, South-East Asia, South Asia and Russia.
05 June 2025
TTPs of Cyber Partisans activity aimed at espionage and disruptionKaspersky ICS CERT experts managed to find and analyze the malware and utilities most probably used by the actors. The key finding was a previously unknown backdoor.
15 May 2025
Threat landscape for industrial automation systems. Q1 2025The percentage of ICS computers on which various types of malware spread via the internet and email were blocked increased for the first time in two years.
08 April 2025
A brief overview of the main incidents in industrial cybersecurity. Q4 2024More than 100 companies publicly reported cyberattacks. Two of them announced their insolvency after the incident. In two other cases, two ransomware gangs simultaneously claimed responsibility for the same hack.
25 March 2025
APT and financial attacks on industrial organizations in Q4 2024Abusing of Telegram to spy and put pressure on their victims’ employees, notifying the victims by printing messages on printers connected to a compromised network – we publish interesting details of attacks on industrial enterprises disclosed at this quarter.
Filter
09 February 2021
Classics: vulnerabilities in web console and third-party components in Pepperl+Fuchs IO-Link-Master gatewaysThe vendor has published an advisory on vulnerabilities in multifunctional gateway devices designed to integrate different types of sensors and PLCs into industrial environments
05 February 2021
Getting back on Treck: more vulnerabilities in the infamous TCP/IP StackVulnerabilities have been identified in the IPv6 component in the Treck TCP/IP stack implementation. It is recommended that vendors of IoT devices using that implementation issue security advisories.
02 February 2021
Much ado about the certificate: what one should know about Siemens SCALANCE X switch configuration to avoid MitMSiemens has released a security alert which describes some cases of SCALANCE X-200/X-200IRT/X-300 switches using hardcoded encryption keys, making them prone to man-in-the-middle attacks
28 January 2021
Cryptographic deadly sins and the security of Modicon M100/M200/M221Weak implementation of cryptographic data protection allows various types of attacks and enables attackers to identify the key in captured traffic
27 January 2021
From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider ElectricVulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters
26 January 2021
Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoTSсhneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules
26 January 2021
Critical vulnerability in Schneider Electric HMI configuration softwareThe vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.
26 January 2021
A classic that needs updating: fresh vulnerabilities in the software of Siemens SCALANCE X switchesDoS vulnerabilities have been disclosed in the integrated web server of Siemens SCALANCE X-200 / X-200IRT / X-300 switches. Measures proposed by the vendor do not prevent all possible attacks.
23 November 2020
First things first: Kaspersky ICS CERT becomes new member of the global Forum of Incident Response and Security Teams (FIRST)After rigorous assessment, Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) has officially joined FIRST – the global Forum of Incident Response and Security Teams.
23 November 2020
ENISA publishes guidelines for securing internet of things supply chainThe European Union Agency for Cybersecurity (ENISA) has published its guidelines for securing the internet of things supply chain. Kaspersky ICS CERT experts were among the contributors to the development effort.
Filter
MIT held Cybersecurity Insight, providing presentations, practical workshops and an ICS CTF in partnership with Kaspersky Lab
Kaspersky Lab presented its latest findings on CoDeSys Runtime vulnerabilities at the S4x19 conference, in what was a successful debut among competing industrial cybersecurity vendors
Another two-day course “Advanced Industrial Cybersecurity in Practice” was held in Germany. The course included theoretical sections followed by live demonstrations and exercises. An international group of participants left positive feedback
The online qualifications round for Kaspersky Industrial CTF 2018 took place on November 23-24. Over 1,000 teams registered with 130 eventually scoring points. The top 4 teams will participate in the finals
Kaspersky Lab ICS CERT is conducting a practical course in IoT vulnerability research. This class provides a deep dive into hardware analysis, firmware extraction and analysis, vulnerability research and exploitation.
In October 2018, Vyacheslav Kopeytsev, Security Researcher, Critical Infrastructure Threat Analysis, spoke at MALCON 2018, the 13th IEEE International Conference on Malicious and Unwanted Software, held this year in Massachusetts, USA.
Kaspersky Lab is launching the fourth international industrial Capture the Flag (CTF) security competition and inviting ethical hackers (whitehats) from across the world to test the security of smart devices and industrial systems
The sixth conference on industrial cybersecurity organized by Kaspersky Lab was held on September 19-21 in Sochi, Russia. This year’s theme was ‘Industrial cybersecurity: opportunities and challenges in digital transformation’.
On October 16, Kaspersky Lab and Fraunhofer IOSB are hosting a joint webinar to highlight the importance of ICS cybersecurity education and present a new ICS cybersecurity training course
On September 26 – 27, 2018 Kaspersky Lab ICS CERT and Fraunhofer IOSB conducted their first “Advanced Industrial Cybersecurity in Practice” joint training course