12 March 2018
Somebody’s watching! When cameras are more than just ‘smart’The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses.
Filter
28 February 2018
IoT hack: how to break a smart home… againThere can never be too many IoT gadgets – that’s what people usually think when buying yet another connected device with advanced functionality. From our perspective, we also think there can’t be too many IoT investigations.
07 February 2018
Gas is too expensive? Let’s make it cheap!A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical security threat.
22 January 2018
A silver bullet for the attacker. A study into the security of hardware license tokensIn the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems, relatively independently and often without regard for modern secure coding practices is probably the main source of ICS security problems.
16 January 2018
MLAD: Machine Learning for Anomaly DetectionModern industrial control systems (ICS) are cyber-physical systems that include IT infrastructure and operational technologies or OT infrastructure. Attacks on OT pose the greatest danger and are very difficult to detect. The MLAD (Machine Learning for Anomaly Detection) technology is designed to protect OT.
30 November 2017
Industrial Enterprise and IoT Security Threats: Forecast for 20182017 was one of the most eventful years in terms of information security incidents affecting industrial systems, and it changed the way industrial companies think about protecting key operational technology systems.
15 November 2017
The Relevance of WPA2 Vulnerabilities and KRACK Attacks to Industrial SystemsCritical vulnerabilities that have recently been identified in the WPA2 protocol enable threat actors to carry out Man-in-the-Middle (MitM) attacks and force devices connected to the network to reinstall encryption keys that protect traffic. These vulnerabilities can be used, among other things, to implement attacks on industrial automation systems.
28 September 2017
Threat Landscape for Industrial Automation Systems in H1 2017Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.
22 June 2017
WannaCry on industrial networks: error correctionDuring the period from 12 to 15 May 2017, numerous companies across the globe were attacked by a network cryptoworm called WannaCry. The worm’s victims include various manufacturing companies, oil refineries, city infrastructure objects and electrical distribution network facilities.
19 June 2017
Vulnerable System Update Statistics. General ElectricThis article is devoted to vulnerabilities in General Electric products. The article looks only at known vulnerabilities, a list of which was prepared based using the MITRE CVE database. All the vulnerabilities in question were uncovered in 2012 – 2016.
Filter
29 January 2018
Vulnerability in Nari PCS-9611 relaysAn improper input validation vulnerability has been identified in the Nari PCS-9611 protection relay. Although an exploit for the vulnerability exists, the vendor has so far not commented on the problem.
12 January 2018
Industrial solutions may be affected by Spectre and Meltdown vulnerabilitiesVulnerabilities in Intel, ARM64 and AMD processors allow unauthorized access to virtual memory contents. Vulnerable devices include industrial equipment.
19 December 2017
Serious vulnerabilities identified in Palo Alto firewallsAttackers can take advantage of vulnerabilities in the PAN-OS management interface to execute arbitrary code with superuser privileges.
18 December 2017
TRITON attack. Comment by Kaspersky Lab ICS CERT expertThe TRITON attack demonstrates an important property of attacks on industrial enterprises: they may show no signs of malicious computer activity.
14 December 2017
The brief awakening of the Satori botnetThe Satori botnet has used embedded exploits to attack ports 37215 and 52869. After reaching the size of 280,000 active bots, the botnet has suddenly folded its operations.
05 December 2017
Dnsmasq Vulnerabilities Affect Siemens SCALANCE SolutionsSiemens SCALANCE industrial solutions are affected by Dnsmasq vulnerabilities. An attacker could be able to execute arbitrary code or conduct a DoS attack.
04 December 2017
New Mirai VariantA new variant of the Mirai malware infects vulnerable ZyXEL devices, making them part of a botnet.
04 December 2017
Vulnerabilities in Siemens SWT 3000 DevicesVulnerabilities in Siemens SWT 3000, a system used in the energy sector, allow attackers to gain access to sensitive information, circumvent authentication and conduct a DoS attack.
24 November 2017
Intel Releases Updates to Close ME, SPS and TXE VulnerabilitiesSerious vulnerabilities have been found in Intel processors. These flaws also affect industrial equipment. Intel has released the relevant updates and equipment vendors now need to integrate them into their products.
24 November 2017
Siemens Industrial Solutions Are Vulnerable to Denial-of-Service AttacksSiemens has announced that some of its industrial solutions are vulnerable to DoS attacks. Vulnerable devices include industrial controllers, field devices and shop floor automation systems.
Filter