Filter
27 June 2022
Attacks on industrial control systems using ShadowPadA previously unknown Chinese-speaking threat actor attacking telecommunications, manufacturing, and transport organizations in several Asian countries. The group exploits MS Exchange vulnerability to deploy ShadowPad malware and infiltrates building automation systems of one of the victims.
23 May 2022
ISaPWN – research on the security of ISaGRAF RuntimeThis report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified.
03 March 2022
Threat landscape for industrial automation systems. Statistics for H2 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
28 February 2022
APT attacks on industrial companies in H2 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H2 2021.
19 January 2022
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networksTargets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.
30 December 2021
Log4Shell at industrial enterprisesAlthough it is still difficult to say to what extent vulnerable ICS systems are exposed to potential attacks, we hope that, unlike IT infrastructures, most vulnerable OT systems cannot accept inputs coming from untrusted sources.
16 December 2021
PseudoManuscrypt: a mass-scale spyware attack campaignKaspersky products blocked PseudoManuscrypt on more than 35,000 computers in 195 countries of the world. Targets of attacks include a significant number of industrial and government organizations, including enterprises in the military-industrial complex and research laboratories.
23 November 2021
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.
26 October 2021
APT attacks on industrial organizations in H1 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H1 2021.
09 September 2021
Threat landscape for industrial automation systems. Statistics for H1 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
Filter
01 October 2019
Cyberattack on Rheinmetall technology groupA malware attack has disrupted production at Rheinmetall Group plants in three countries. The company expects it to take 2 to 4 weeks to eliminate the disruption
11 September 2019
Multiple vulnerabilities identified in Red Lion Controls Crimson softwareSuccessful exploitation of the vulnerabilities could allow an attacker to execute arbitrary code, crash the device or view protected data
11 September 2019
Software vulnerabilities in EZ Touch Editor and EZ PLC EditorExploitation of the vulnerabilities could lead to remote code execution
29 August 2019
State of Industrial Cybersecurity: survey by Kaspersky and ARC Advisory GroupARC Advisory Group and Kaspersky have presented a survey on the state of industrial cybersecurity in 2019
16 August 2019
Industrial Internet Consortium will support Kaspersky Industrial Cybersecurity Conference 2019 as Association PartnerIndustrial Internet Consortium will take part in the Kaspersky Industrial Cybersecurity Conference 2019 in Sochi as an Association Partner. Don't miss the IIC delegate's presentation!
26 July 2019
Vulnerabilities fixed in Mitsubishi Electric FR Configurator2The vulnerabilities could allow an attacker to read arbitrary files or cause a denial-of-service condition
16 July 2019
Dangerous vulnerabilities in Siemens TIA Administrator, SIMATIC WinCC and PCS7Vulnerabilities can lead to a denial-of-service condition and command execution without proper authentication
16 July 2019
Dangerous vulnerability in the IGSS systemThe vulnerability could allow an attacker to force the software to crash or to execute arbitrary code
16 July 2019
Multiple vulnerabilities in Schneider Electric Floating License ManagerIn addition to Schneider Electric, security issues affect products from AVEVA Vijeo Citect and Citect SCADA
09 July 2019
New vulnerability in Schneider Electric Modicon PLCsThe vulnerability is due to an improper check for unusual or exceptional conditions and could lead to denial of service
Filter