01 July 2019
How we hacked our colleague’s smart home, or morning drum & bass
In this article, we publish the results of our study of the Fibaro Home Center smart home. We identified vulnerabilities in Fibaro Home Center 2 and Fibaro Home Center Lite version 4.540, as well as vulnerabilities in the online API.
27 March 2019
Threat landscape for industrial automation systems. H2 2018
Main events of the six-month period, vulnerabilities identified in 2018, relevant threats, and statistics from ICS computers protected by Kaspersky products.
24 January 2019
GreyEnergy’s overlap with Zebrocy
Zebrocy is the name given to a subset of the Sofacy group (aka Fancy Bear, Sednit, APT28, Tsar Team, etc.). GreyEnergy and Zebrocy used the same servers at the same time and attacked the same organization.
22 January 2019
Security research: ThingsPro Suite – IIoT gateway and device manager by Moxa
The security of products such as IIoT requires special attention. This time, the subject of our research was the ThingsPro Suite, an IIoT gateway and device manager from Moxa.
17 January 2019
Challenges of industrial cybersecurity
Factors that have a significant effect, now and going forward, on the threat landscape, on the development, implementation, and use of organizational and technical measures to protect industrial facilities, and the main issues associated with ensuring the cybersecurity of industrial enterprises.
20 September 2018
Threats posed by using RATs in ICS
The paper provides an analysis of the prevalence of remote administration tools on OT networks and the threats associated with their use.
06 September 2018
Threat landscape for industrial automation systems: H1 2018
In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018.
01 August 2018
Attacks on industrial enterprises using RMS and TeamViewer
The malware used in these attacks installs legitimate remote administration software – TeamViewer or RMS – on the system. This enables the attackers to gain remote control of infected systems.
28 June 2018
The State of Industrial Cybersecurity 2018: findings of joint survey by Kaspersky Lab and PAC
Kaspersky Lab has published the results of The State of Industrial Cybersecurity study carried out in collaboration with PAC, a CXP Group Company, and based on a survey of 320 professionals representing companies from such sectors as manufacturing and industrial production, energy, mining, transport, and logistics.
10 May 2018
OPC UA security analysis
This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common.