31 July 2023
Common TTPs of attacks against industrial organizations. Implants for gathering dataThis part of the research is devoted to second stage malware used to gather data on infected systems of industrial organizations.
Filter
20 July 2023
Common TTPs of attacks against industrial organizations. Implants for remote accessIn this article (which is the first part of the report) we analyze common TTPs of implants used by threat actors to establish a persistent remote access channel into the infrastructure of industrial organizations.
24 March 2023
APT attacks on industrial organizations in H2 2022This summary provides an overview of APT attacks on industrial enterprises and activity of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
15 March 2023
H2 2022 – brief overview of main incidents in industrial cybersecurityIn this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.
06 March 2023
Threat landscape for industrial automation systems. Statistics for H2 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
22 November 2022
ICS cyberthreats in 2023 – what to expectCybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. Below we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision.
20 October 2022
Digital twins and ensuring the cybersecurity of enterprises. Oil and gas industryIn modern technology-intensive production, IT and large-scale digitalization, and therefore new cybersecurity technologies, are essential to remaining competitive, reducing costs associated with maintaining the existing infrastructure, and increasing net profits.
29 September 2022
The secrets of Schneider Electric’s UMAS protocolThe UMAS protocol, in its implementation prior to the version in which the CVE-2021-22779 vulnerability was fixed, had significant shortcomings that had a critical effect on the security of control systems based on Schneider Electric controllers.
08 September 2022
H1 2022 – a brief overview of the main incidents in industrial cybersecurityEvents in the cybersecurity world, including ICS, were intense in H1 2022.
08 September 2022
Threat landscape for industrial automation systems. Statistics for H1 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
Filter
08 November 2018
Schneider Electric has fixed a vulnerability in SESU softwareThe vulnerability affects the Schneider Electric Software Update (SESU) tool, which is used to notify users when updated Schneider Electric software is available
08 November 2018
Critical vulnerabilities in CirCarLife electric vehicle chargersSuccessful exploitation of these vulnerabilities could allow a remote attacker to retrieve credentials to bypass authentication, and to access critical information
07 November 2018
Critical vulnerabilities in AVEVA industrial softwareThe vulnerabilities affect InduSoft Web Studio and InTouch Edge HMI and could allow remote execution of arbitrary code
29 October 2018
Multiple vulnerabilities in Advantech WebAccessVulnerabilities identified in Advantech WebAccess include buffer overflow, path traversal, improper privilege management, etc.
22 October 2018
Phishing attack targeting Italian naval and defense industryThe attackers attempted to infect computers with MartyMcFly remote access Trojan using phishing emails with malicious attachments
19 October 2018
New GreyEnergy malware attacks industrial networksExperts point to the similarities between the new malware and BlackEnergy, and a possible connection of the attacks with the TeleBots criminal group
12 October 2018
Siemens fixes new vulnerabilities in its productsVulnerable products include ROX II operating system, SIMATIC S7-1200 CPU family, SCALANCE W1750D access point and some SIMATIC PLCs
10 October 2018
Multiple vulnerabilities in Wecon PI StudioWecon PI Studio HMI solutions are affected by multiple vulnerabilities that could allow remote code execution and disclosure of sensitive information, including in the context of an administrator
05 October 2018
Critical vulnerabilities in Entes EMG 12 convertersVulnerabilities in the web interface of EMG12 Ethernet Modbus Gateway devices could allow unauthorized access to the devices and the ability to change device configuration
02 October 2018
Multiple vulnerabilities in Fuji Electric industrial productsMultiple vulnerabilities affect the Alpha5 Smart Loader servo system, FRENIC Loader software, and FRENIC-Ace, FRENIC-Mini, FRENIC-Eco, FRENIC-Multi, and FRENIC-MEGA inverters
Filter