10 June 2025
Threat landscape for industrial automation systems. Regions, Q1 2025The internet ranks first among threat sources in all regions. The problem is particularly relevant to Africa, South-East Asia, South Asia and Russia.
Filter
05 June 2025
TTPs of Cyber Partisans activity aimed at espionage and disruptionKaspersky ICS CERT experts managed to find and analyze the malware and utilities most probably used by the actors. The key finding was a previously unknown backdoor.
15 May 2025
Threat landscape for industrial automation systems. Q1 2025The percentage of ICS computers on which various types of malware spread via the internet and email were blocked increased for the first time in two years.
08 April 2025
A brief overview of the main incidents in industrial cybersecurity. Q4 2024More than 100 companies publicly reported cyberattacks. Two of them announced their insolvency after the incident. In two other cases, two ransomware gangs simultaneously claimed responsibility for the same hack.
25 March 2025
APT and financial attacks on industrial organizations in Q4 2024Abusing of Telegram to spy and put pressure on their victims’ employees, notifying the victims by printing messages on printers connected to a compromised network – we publish interesting details of attacks on industrial enterprises disclosed at this quarter.
17 March 2025
Threat landscape for industrial automation systems. Regions, Q4 2024The percentage of ICS computers on which malicious objects were blocked increased in eight regions. Regionally, the percentage ranged from 10.6% in Northern Europe to 31.0% in Africa.
17 March 2025
Threat landscape for industrial automation systems. Q4 2024The percentage of ICS computers on which malicious scripts and phishing pages as well as ransomware were blocked continued to increase.
24 February 2025
Operation SalmonSlalomKaspersky discovered a new attack targeting industrial organizations in APAC
19 February 2025
Q3 2024 – a brief overview of the main incidents in industrial cybersecurityMany large companies, including some well-known brands, affected by cyberattacks. An unusually high number of victims were in critical sectors such as utilities and power and energy.
29 January 2025
Threat predictions for industrial enterprises 2025Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025.
Filter
09 February 2021
Classics: vulnerabilities in web console and third-party components in Pepperl+Fuchs IO-Link-Master gatewaysThe vendor has published an advisory on vulnerabilities in multifunctional gateway devices designed to integrate different types of sensors and PLCs into industrial environments
05 February 2021
Getting back on Treck: more vulnerabilities in the infamous TCP/IP StackVulnerabilities have been identified in the IPv6 component in the Treck TCP/IP stack implementation. It is recommended that vendors of IoT devices using that implementation issue security advisories.
02 February 2021
Much ado about the certificate: what one should know about Siemens SCALANCE X switch configuration to avoid MitMSiemens has released a security alert which describes some cases of SCALANCE X-200/X-200IRT/X-300 switches using hardcoded encryption keys, making them prone to man-in-the-middle attacks
28 January 2021
Cryptographic deadly sins and the security of Modicon M100/M200/M221Weak implementation of cryptographic data protection allows various types of attacks and enables attackers to identify the key in captured traffic
27 January 2021
From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider ElectricVulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters
26 January 2021
Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoTSсhneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules
26 January 2021
Critical vulnerability in Schneider Electric HMI configuration softwareThe vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.
26 January 2021
A classic that needs updating: fresh vulnerabilities in the software of Siemens SCALANCE X switchesDoS vulnerabilities have been disclosed in the integrated web server of Siemens SCALANCE X-200 / X-200IRT / X-300 switches. Measures proposed by the vendor do not prevent all possible attacks.
23 November 2020
First things first: Kaspersky ICS CERT becomes new member of the global Forum of Incident Response and Security Teams (FIRST)After rigorous assessment, Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) has officially joined FIRST – the global Forum of Incident Response and Security Teams.
23 November 2020
ENISA publishes guidelines for securing internet of things supply chainThe European Union Agency for Cybersecurity (ENISA) has published its guidelines for securing the internet of things supply chain. Kaspersky ICS CERT experts were among the contributors to the development effort.
Filter
31
Jan 2019
Kaspersky Lab has taken part in S4x19 Industrial Cybersecurity Conference
Kaspersky Lab presented its latest findings on CoDeSys Runtime vulnerabilities at the S4x19 conference, in what was a successful debut among competing industrial cybersecurity vendors
14
Dec 2018
Kaspersky Lab and Fraunhofer IOSB conduct another joint training
Another two-day course “Advanced Industrial Cybersecurity in Practice” was held in Germany. The course included theoretical sections followed by live demonstrations and exercises. An international group of participants left positive feedback
29
Nov 2018
Kaspersky Industrial CTF 2018 Qualifications Results
The online qualifications round for Kaspersky Industrial CTF 2018 took place on November 23-24. Over 1,000 teams registered with 130 eventually scoring points. The top 4 teams will participate in the finals
27
Nov 2018
Kaspersky Lab ICS CERT Hands-on: IoT vulnerability research and exploitation training
Kaspersky Lab ICS CERT is conducting a practical course in IoT vulnerability research. This class provides a deep dive into hardware analysis, firmware extraction and analysis, vulnerability research and exploitation.
19
Nov 2018
RATs – are they Useful or Dangerous for your ICS
In October 2018, Vyacheslav Kopeytsev, Security Researcher, Critical Infrastructure Threat Analysis, spoke at MALCON 2018, the 13th IEEE International Conference on Malicious and Unwanted Software, held this year in Massachusetts, USA.
23
Oct 2018
Kaspersky Lab challenges whitehats to find flaws in IoT devices, in Capture the Flag competition
Kaspersky Lab is launching the fourth international industrial Capture the Flag (CTF) security competition and inviting ethical hackers (whitehats) from across the world to test the security of smart devices and industrial systems
15
Oct 2018
Opportunities and challenges in digital transformation: sixth industrial cybersecurity conference organized by Kaspersky Lab
The sixth conference on industrial cybersecurity organized by Kaspersky Lab was held on September 19-21 in Sochi, Russia. This year’s theme was ‘Industrial cybersecurity: opportunities and challenges in digital transformation’.
10
Oct 2018
Bridging the ICS cybersecurity awareness gap: webinar by Kaspersky Lab & Fraunhofer IOSB
On October 16, Kaspersky Lab and Fraunhofer IOSB are hosting a joint webinar to highlight the importance of ICS cybersecurity education and present a new ICS cybersecurity training course
8
Oct 2018
First joint training by Kaspersky Lab and Fraunhofer IOSB
On September 26 – 27, 2018 Kaspersky Lab ICS CERT and Fraunhofer IOSB conducted their first “Advanced Industrial Cybersecurity in Practice” joint training course
20
Apr 2018
Education initiative by Kaspersky Lab ICS CERT and Fraunhofer IOSB
Kaspersky Lab ICS CERT and Fraunhofer IOSB are working together to address industrial cybersecurity and awareness challenges.