Filter
06 March 2023
Threat landscape for industrial automation systems. Statistics for H2 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
22 November 2022
ICS cyberthreats in 2023 – what to expectCybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. Below we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision.
20 October 2022
Digital twins and ensuring the cybersecurity of enterprises. Oil and gas industryIn modern technology-intensive production, IT and large-scale digitalization, and therefore new cybersecurity technologies, are essential to remaining competitive, reducing costs associated with maintaining the existing infrastructure, and increasing net profits.
29 September 2022
The secrets of Schneider Electric’s UMAS protocolThe UMAS protocol, in its implementation prior to the version in which the CVE-2021-22779 vulnerability was fixed, had significant shortcomings that had a critical effect on the security of control systems based on Schneider Electric controllers.
08 September 2022
H1 2022 – a brief overview of the main incidents in industrial cybersecurityEvents in the cybersecurity world, including ICS, were intense in H1 2022.
08 September 2022
Threat landscape for industrial automation systems. Statistics for H1 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
08 August 2022
Targeted attack on industrial enterprises and public institutionsThe attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.
06 July 2022
Dynamic analysis of firmware components in IoT devicesFirmware analysis is an essential part of security research and targeted search for vulnerabilities in IoT products. This article examines conventional methods of dynamic analysis and some less obvious methods.
27 June 2022
Attacks on industrial control systems using ShadowPadA previously unknown Chinese-speaking threat actor attacking telecommunications, manufacturing, and transport organizations in several Asian countries. The group exploits MS Exchange vulnerability to deploy ShadowPad malware and infiltrates building automation systems of one of the victims.
23 May 2022
ISaPWN – research on the security of ISaGRAF RuntimeThis report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified.
Filter
09 July 2019
New vulnerability in Schneider Electric Modicon PLCsThe vulnerability is due to an improper check for unusual or exceptional conditions and could lead to denial of service
28 June 2019
Multiple vulnerabilities in ABB HMI solutionsThe vulnerabilities affect CP635 and CP651 control panels and PB610 Panel Builder 600
28 June 2019
Critical vulnerability in SICK MSC800 PLCThe vulnerability is caused by the use of hard-coded credentials
28 June 2019
Multiple vulnerabilities in Advantech WebAccess/SCADAThe vulnerabilities could lead to the disclosure of important information, deletion of files and remote code execution
24 June 2019
Vulnerabilities in Phoenix Contact’s Automation Worx Software SuiteSuccessful exploitations of the vulnerabilities could lead to remote execution of arbitrary code
17 June 2019
Critical vulnerabilities in WAGO industrial switchesExploitation of the vulnerabilities could allow a remote compromise of the managed switch, resulting in disruption of communication and root access to the operating system
14 June 2019
Ransomware disrupts production at four ASCO Industries plantsA ransomware attack has caused ASCO plants in Belgium, Germany, Canada and the US to suspend their operations. 1000 employees have been placed on a one-week leave
11 June 2019
Dangerous vulnerabilities identified in Phoenix Contact industrial switches and controllersThe vulnerabilities allow attackers to gain unauthorized access to device configuration, decrypt passwords, cause denial of service, or bypass authentication
11 June 2019
Dangerous vulnerability fixed in Cisco Industrial Network DirectorThe vulnerability could be used by an authenticated, remote attacker to execute arbitrary code on devices running vulnerable software
10 June 2019
Multiple vulnerabilities in Optergy Proton/Enterprise building management systemIf successfully exploited, the vulnerabilities could allow an attacker to execute code remotely and gain full system access
Filter