Filter
25 December 2024
Threat landscape for industrial automation systems. Q3 2024The percentage of ICS computers on which malicious objects were blocked decreased by 1.5 pp from the second quarter to 22%. The biometrics sector led the surveyed industries in terms of this parameter.
21 November 2024
Threat landscape for industrial automation systems. Regions, Q2 2024The global percentage of ICS computers on which malicious objects were blocked decreased from Q1 2024 to 23.5%. But the figure increased in four regions. Regionally, the percentage ranged from 11.3% in Northern Europe to 30% in Africa.
08 November 2024
Q2 2024 – a brief overview of the main incidents in industrial cybersecurityA total of 35 incidents were confirmed by victims. Half of the attacks reportedly resulted in the denial of IT systems and the denial of operations. There is a case of a company that was unable to recover from the impact of a cyberattack and decided to cease operations.
03 October 2024
APT and financial attacks on industrial organizations in Q2 2024This summary provides an overview of the reports of APT and financial attacks on industrial enterprises that were disclosed in Q2 2024, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
26 September 2024
Threat landscape for industrial automation systems. Q2 2024In the second quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.9 pp from the previous quarter to 23.5%. Compared to the second quarter of 2023, the percentage decreased by 3.3 pp.
13 June 2024
Cinterion EHS5 3G UMTS/HSPA Module ResearchIn the course of the modem security analysis, we found seven locally exploited vulnerabilities and one remotely exploited vulnerability. The combination of these vulnerabilities could allow an attacker to completely get control over the modem.
10 June 2024
APT and financial attacks on industrial organizations in Q1 2024This summary provides an overview of the reports of APT and financial attacks on industrial enterprises, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
03 June 2024
Q1 2024 – a brief overview of the main incidents in industrial cybersecurityA total of 30 incidents were confirmed by victims. 37% of victims reported denial of operations or product shipment caused by the incident. Almost half of all incidents resulted in disruption of the victims’ public digital services.
27 May 2024
Threat landscape for industrial automation systems. Q1 2024In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 21.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp.
27 May 2024
Threat landscape for industrial automation systems. Regions, Q1 2024The percentage of ICS computers on which malicious objects were blocked during the quarter varied regionally from 34.2% in Africa to 11.5% in Northern Europe. Africa and South-East Asia saw their percentages increase from the previous quarter.
Filter
13 April 2020
Multiple vulnerabilities in Advantech WebAccess/NMSIf exploited, the vulnerabilities could lead to arbitrary code execution, file manipulations, denial of service and the creation of an admin account
03 April 2020
Threat actor behind Ruyk malware continues attacks on medical facilities despite epidemicIn the past month, 10 more hospitals have fallen victim to Ryuk attacks in the US
17 January 2020
Ransomware attack on Picanol paralyzes production at plants in Belgium, Romania, and ChinaThe company has been forced to stop its operations almost completely. Production recovery will take at least a week
10 January 2020
Dustman wiper attack on Bapco oil companyDustman is an upgraded version of the ZeroCleare wiper. The attack exploited a vulnerability in VPN appliances
30 December 2019
Ryuk ransomware attacks unnamed US maritime transportation facilityThe infection affected the facility’s corporate network and industrial control systems that control cargo transfer. The primary operations of the facility were shut down for over 30 hours
24 December 2019
German cities under attack by Emotet botnetEmotet was distributed via phishing emails and was used to deploy ransomware
20 December 2019
Multiple vulnerabilities in WAGO PLCsNine vulnerabilities have been identified in WAGO PFC200 and PFC100 PLCs. They could lead to arbitrary code execution or cause denial of service
20 December 2019
More ransomware attacksVictims of the latest attacks include Pensacola and New Orleans city administrations in the US and a hospital in Benešov (Czech Republic)
19 December 2019
Multiple vulnerabilities in Modicon controllersIf exploited, the vulnerabilities could result in denial of service. They can be fixed by updating device firmware
18 December 2019
Multiple vulnerabilities in SPPA-T3000 componentsVulnerabilities have been identified in SPPA-T3000 Application Server and MS3000 Migration Server. Some of the faults are critical and could allow attackers to execute arbitrary code on the server
Filter