Filter
01 August 2018
Attacks on industrial enterprises using RMS and TeamViewerThe malware used in these attacks installs legitimate remote administration software – TeamViewer or RMS – on the system. This enables the attackers to gain remote control of infected systems.
28 June 2018
The State of Industrial Cybersecurity 2018: findings of joint survey by Kaspersky Lab and PACKaspersky Lab has published the results of The State of Industrial Cybersecurity study carried out in collaboration with PAC, a CXP Group Company, and based on a survey of 320 professionals representing companies from such sectors as manufacturing and industrial production, energy, mining, transport, and logistics.
10 May 2018
OPC UA security analysisThis paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common.
23 April 2018
Energetic Bear / Crouching Yeti: attacks on serversThis report by Kaspersky Lab ICS CERT presents information on identified servers that have been infected and used by the group. The report also includes the findings of an analysis of several webservers compromised by the Energetic Bear group during 2016 and in early 2017.
26 March 2018
Threat Landscape for Industrial Automation Systems in H2 2017In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017.
12 March 2018
Somebody’s watching! When cameras are more than just ‘smart’The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses.
28 February 2018
IoT hack: how to break a smart home… againThere can never be too many IoT gadgets – that’s what people usually think when buying yet another connected device with advanced functionality. From our perspective, we also think there can’t be too many IoT investigations.
07 February 2018
Gas is too expensive? Let’s make it cheap!A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical security threat.
22 January 2018
A silver bullet for the attacker. A study into the security of hardware license tokensIn the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems, relatively independently and often without regard for modern secure coding practices is probably the main source of ICS security problems.
16 January 2018
MLAD: Machine Learning for Anomaly DetectionModern industrial control systems (ICS) are cyber-physical systems that include IT infrastructure and operational technologies or OT infrastructure. Attacks on OT pose the greatest danger and are very difficult to detect. The MLAD (Machine Learning for Anomaly Detection) technology is designed to protect OT.
Filter
Filter
31 August 2018
Vulnerabilities in Schneider Electric industrial devicesNew vulnerabilities have been identified in Schneider Electric PM5560 power meter and Modicon M221 logic controller
22 August 2018
Princeton University researchers: causing power outages with IoT botnetA study has been published on the ways in which high-wattage smart devices could be used in attacks on the power grid
22 August 2018
Multiple vulnerabilities in Emerson DeltaV DCS industrial workstationsCritical vulnerabilities in industrial PCs used by Emerson’s DeltaV distributed control system could allow arbitrary code execution, malware injection or malware propagation to other workstations
06 August 2018
APT group called RASPITE attacks industrial enterprisesDragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group identified earlier by Symantec
06 August 2018
The Third Specialized Conference “IT Security for Industrial Systems” in FrankfurtOn November 12 – 13 the Third Specialized Conference “IT Security for Industrial Systems” will be held in Frankfurt.
03 August 2018
Critical vulnerabilities in WECON LeviStudioUBuffer overflow vulnerabilities in WECON LeviStudioU could allow remote code execution.
24 July 2018
Buffer overflow vulnerabilities in AVEVA HMI solutionsVulnerabilities in HMI solutions InduSoft Web Studio, InTouch Machine Edition and InTouch could allow remote code execution and cause systems to be compromised
23 July 2018
Dangerous vulnerability fixed in Moxa NPort serial network interface devicesA vulnerability in Moxa NPort 5210, 5230 and 5232 devices could allow a remote attacker to cause a resource exhaustion condition
19 July 2018
Dangerous vulnerability identified in ABB Panel Builder 800 engineering softwareA vulnerability in Panel Builder 800 engineering software installed on ABB Panel 800 HMI devices could enable attackers to plant and execute arbitrary code on affected devices
17 July 2018
Multiple vulnerabilities fixed in WAGO operator panelsWAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMA devices. Exploitation of these vulnerabilities could enable attackers to execute arbitrary code or overwrite critical files