Reports
News

Filter

25 February 2021

Lazarus targets defense industry with ThreatNeedle

Seongsu Park,

Vyacheslav Kopeytsev

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

19 October 2020

Practical example of fuzzing OPC UA applications

Pavel Cheremushkin

We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available. We also discuss an example of fuzzing using libfuzzer.

13 October 2020

What it feels like for a turbine

Alexander Korotin,

Evgeniya Potseluevskaya,

Gleb Gritsai,

Radu Motspan,

Sergey Andreev,

Sergey Sidorov

The goal of the article is to raise awareness on security of Distributed Control Systems (DCS), propose a methodology for assessment, and a remediation strategy. Defenders are always behind attackers, and this publication is trying to balance things out.

APT 5
Companies and organisations 9
Industrial control systems 3
Industries 16
Laws and regulation 3
Malware 17
Products and services 11
Technologies 14
Types of threats 9

Select an author

Select a date

Filter

APT 1
Companies and organisations 49
Events and conferences 2
Industrial control systems 5
Industries 4
Laws and regulation 2
Malware 25
Products and services 58
Technologies 13
Types of threats 23

Select an author

Select a date

Select a tag

APT 5
Companies and organisations 9
Industrial control systems 3
Industries 16
Laws and regulation 3
Malware 17
Products and services 11
Technologies 14
Types of threats 9

Select an author

Select a date

Filter

Select a tag

APT 1
Companies and organisations 49
Events and conferences 2
Industrial control systems 5
Industries 4
Laws and regulation 2
Malware 25
Products and services 58
Technologies 13
Types of threats 23

Select an author

Select a date

Filter