26 October 2021
APT attacks on industrial organizations in H1 2021
This summary provides an overview of APT attacks on industrial enterprises disclosed in H1 2021.
09 September 2021
Threat landscape for industrial automation systems. Statistics for H1 2021
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
21 May 2021
DarkChronicles: the consequences of the Colonial Pipeline attack
This article began as an overview of the Colonial Pipeline incident. However, the events unfolded so rapidly that the scope of the publication has gone beyond a single incident.
07 April 2021
Vulnerability in FortiGate VPN servers is exploited in Cring ransomware attacks
An incident investigation conducted by Kaspersky ICS CERT experts at one of the attacked enterprises revealed that attacks of the Cring ransomware exploit a vulnerability in FortiGate VPN servers.
29 March 2021
APT attacks on industrial companies in 2020
Overview of APT attacks on industrial enterprises about which information was published in 2020.
25 March 2021
Threat landscape for industrial automation systems. Statistics for H2 2020
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
17 March 2021
Threat landscape for the ICS engineering and integration sector. 2020
The threat landscape for computers in the ICS engineering and integration sector varies depending on a computer’s environment, including its geographical location, ability to access external networks and services, and user behavior.
25 February 2021
Lazarus targets defense industry with ThreatNeedle
In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.
26 January 2021
SunBurst industrial victims
How many industrial organizations had installed backdoored SolarWinds versions? We present the results of our analysis.
02 December 2020
ICS threat predictions for 2021
We present our vision of what challenges industrial cybersecurity will soon be (or already is) facing, and what to expect from cybercriminals in 2021.
02 October 2018
Critical vulnerabilities in Emerson AMS Device Manager
Exploitation of vulnerabilities in Emerson AMS Device Manager, an industrial asset control system, could allow arbitrary code execution and malware injection.
20 September 2018
Dangerous vulnerabilities in Siemens industrial solutions
Newly identified vulnerabilities affect SIMATIC WinCC OA HMI system, SCALANCE X switches and TD Keypad Designer tool.
12 September 2018
Schneider Electric products shipped with infected USB media
USB media infected with malware were shipped with Conext ComBox and Conext Battery Monitor products.
11 September 2018
Buffer overflow vulnerabilities in industrial automation products by Opto22
The vulnerability affects PAC Control Basic and PAC Control Professional version R10.0a and earlier and could allow arbitrary code execution.
31 August 2018
Vulnerabilities in Schneider Electric industrial devices
New vulnerabilities have been identified in Schneider Electric PM5560 power meter and Modicon M221 logic controller.
22 August 2018
Princeton University researchers: causing power outages with IoT botnet
A study has been published on the ways in which high-wattage smart devices could be used in attacks on the power grid.
22 August 2018
Multiple vulnerabilities in Emerson DeltaV DCS industrial workstations
Critical vulnerabilities in industrial PCs used by Emerson’s DeltaV distributed control system could allow arbitrary code execution, malware injection or malware propagation to other workstations.
06 August 2018
APT group called RASPITE attacks industrial enterprises
Dragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group identified earlier by Symantec.
06 August 2018
The Third Specialized Conference “IT Security for Industrial Systems” in Frankfurt
On November 12 – 13 the Third Specialized Conference “IT Security for Industrial Systems” will be held in Frankfurt.
03 August 2018
Critical vulnerabilities in WECON LeviStudioU
Buffer overflow vulnerabilities in WECON LeviStudioU could allow remote code execution.