Steganography in attacks on industrial enterprises (updated)
Kaspersky ICS CERT experts have identified a series of attacks on organizations located in different countries.
Overview of recommendations on organizing secure remote work for critical infrastructure and other facilities
Due to the СOVID-19 pandemic, many organizations have had to switch to remote work. The sheer scale of the change has given rise to numerous discussions on the security of working remotely among information security experts, including those who focus on industrial cybersecurity. Do issues related to the security of remote work affect critical infrastructure...
Threat landscape for industrial automation systems. 2019 Report at a glance
In 2019, Kaspersky ICS CERT identified 103 vulnerabilities in industrial, IIoT/IoT, and other types of solutions.
Threat landscape for industrial automation systems. Vulnerabilities identified in 2019
The analysis of vulnerabilities was performed based on vendor advisories, publicly available information from open vulnerability databases (US ICS-CERT, CVE, Siemens Product CERT), as well as the results of Kaspersky ICS CERT’s own research.
Threat landscape for industrial automation systems. APT attacks on industrial companies in 2019
In February 2019, researchers from the 360 Threat Intelligence Center reported continuing targeted attacks on Colombian government institutions and large companies in the financial sector, petroleum industry, manufacturing and other sectors.
Threat landscape for industrial automation systems. Ransomware and other malware: key events of H2 2019
This section presents an overview of threats related to ransomware activity against municipal institutions, industrial enterprises and critical infrastructure facilities.
Threat landscape for industrial automation systems. Overall global statistics – H2 2019
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
WildPressure targets industrial-related entities in the Middle East
We found just three almost unique samples, all in one country. So we consider the attacks to be targeted and have currently named this operation WildPressure.
Biometric data processing and storage system threats
Biometric data processing and storage Threats blocked on biometric data processing and storage systems Research focus Reporting period One third of systems under threat Threat sources Most dangerous Conclusion Initially, digital biometric data processing systems were used primarily by government agencies and special services (police, customs, etc.). However, the rapid evolution of information technology has...
VNC vulnerability research
Preparing for the research System description Possible attack vectors Objects of research Prior research Research findings LibVNC TightVNC TurboVNC UltraVNC CVE-2018-15361 CVE-2019-8262 Conclusion In this article, we discuss the findings of research which covered several different implementations of a remote access system called Virtual Network Computing (VNC). As a result of this research, we...