08 September 2022
H1 2022 – a brief overview of the main incidents in industrial cybersecurityEvents in the cybersecurity world, including ICS, were intense in H1 2022.
Filter
08 September 2022
Threat landscape for industrial automation systems. Statistics for H1 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
08 August 2022
Targeted attack on industrial enterprises and public institutionsThe attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.
06 July 2022
Dynamic analysis of firmware components in IoT devicesFirmware analysis is an essential part of security research and targeted search for vulnerabilities in IoT products. This article examines conventional methods of dynamic analysis and some less obvious methods.
27 June 2022
Attacks on industrial control systems using ShadowPadA previously unknown Chinese-speaking threat actor attacking telecommunications, manufacturing, and transport organizations in several Asian countries. The group exploits MS Exchange vulnerability to deploy ShadowPad malware and infiltrates building automation systems of one of the victims.
23 May 2022
ISaPWN – research on the security of ISaGRAF RuntimeThis report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified.
03 March 2022
Threat landscape for industrial automation systems. Statistics for H2 2021The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
28 February 2022
APT attacks on industrial companies in H2 2021This summary provides an overview of APT attacks on industrial enterprises disclosed in H2 2021.
19 January 2022
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networksTargets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.
30 December 2021
Log4Shell at industrial enterprisesAlthough it is still difficult to say to what extent vulnerable ICS systems are exposed to potential attacks, we hope that, unlike IT infrastructures, most vulnerable OT systems cannot accept inputs coming from untrusted sources.
Filter
08 November 2018
Schneider Electric has fixed a vulnerability in SESU softwareThe vulnerability affects the Schneider Electric Software Update (SESU) tool, which is used to notify users when updated Schneider Electric software is available
08 November 2018
Critical vulnerabilities in CirCarLife electric vehicle chargersSuccessful exploitation of these vulnerabilities could allow a remote attacker to retrieve credentials to bypass authentication, and to access critical information
07 November 2018
Critical vulnerabilities in AVEVA industrial softwareThe vulnerabilities affect InduSoft Web Studio and InTouch Edge HMI and could allow remote execution of arbitrary code
29 October 2018
Multiple vulnerabilities in Advantech WebAccessVulnerabilities identified in Advantech WebAccess include buffer overflow, path traversal, improper privilege management, etc.
22 October 2018
Phishing attack targeting Italian naval and defense industryThe attackers attempted to infect computers with MartyMcFly remote access Trojan using phishing emails with malicious attachments
19 October 2018
New GreyEnergy malware attacks industrial networksExperts point to the similarities between the new malware and BlackEnergy, and a possible connection of the attacks with the TeleBots criminal group
12 October 2018
Siemens fixes new vulnerabilities in its productsVulnerable products include ROX II operating system, SIMATIC S7-1200 CPU family, SCALANCE W1750D access point and some SIMATIC PLCs
10 October 2018
Multiple vulnerabilities in Wecon PI StudioWecon PI Studio HMI solutions are affected by multiple vulnerabilities that could allow remote code execution and disclosure of sensitive information, including in the context of an administrator
05 October 2018
Critical vulnerabilities in Entes EMG 12 convertersVulnerabilities in the web interface of EMG12 Ethernet Modbus Gateway devices could allow unauthorized access to the devices and the ability to change device configuration
02 October 2018
Multiple vulnerabilities in Fuji Electric industrial productsMultiple vulnerabilities affect the Alpha5 Smart Loader servo system, FRENIC Loader software, and FRENIC-Ace, FRENIC-Mini, FRENIC-Eco, FRENIC-Multi, and FRENIC-MEGA inverters
Filter