Filter
09 October 2025
A brief overview of the main incidents in industrial cybersecurity. Q2 2025More than 130 incidents were publicly confirmed by victims. Among them are not only high-profiled technology corporations and enterprises, but also the lake dam.
23 September 2025
Threat landscape for industrial automation systems. Europe, Q2 2025In Southern and Eastern Europe, the risk of targeted attacks is high – there are high levels of email threats (phishing) and spyware. The review of key cybersecurity issues in European regions.
23 September 2025
Threat landscape for industrial automation systems. Russia, Q2 2025The region where the main threat source is the internet and the percentage of ICS computers on which miners in the form of executable files for Windows were blocked is usually high.
22 September 2025
Threat landscape for industrial automation systems. Middle East, Q2 2025The region with high risk of targeted attacks against the technological infrastructures of industrial enterprises
22 September 2025
Threat landscape for industrial automation systems. South and North America (Canada), Q2 2025The percentage of threats from email clients increased significantly in South America, and from the internet – in North America (Canada). The review of key cybersecurity issues in these regions.
19 September 2025
Threat landscape for industrial automation systems. Australia and New Zealand, Q2 2025The region ranks first in terms of the percentage of ICS computers on which malicious objects were blocked increase.
19 September 2025
Threat landscape for industrial automation systems. Asia, Q2 2025South-East Asia ranks first in the world in terms of the percentage of ICS computers on which viruses and malware for AutoCAD were blocked. The review of key cybersecurity issues in Asian regions.
18 September 2025
Threat landscape for industrial automation systems. Africa, Q2 2025The leader in the percentage of ICS computers on which malicious objects were blocked for many years. The region with low cybersecurity maturity of industrial organizations.
11 September 2025
Threat landscape for industrial automation systems. Q2 2025The percentage of ICS computers on which denylisted internet resources were blocked increased in all regions. This growth is associated with the addition of direct links to malicious code hosted on popular public websites and file services.
10 September 2025
Dynamics of external and internal threats to industrial control systems. Q2 2025A segmentation of the attacked ICS computers into categories based on the malware blocked and the sources of its entry which helps to understand the ICS threat landscape better and identify the factors that affect it.
Filter
30 October 2025
“Security researchers are the main factor motivating automakers to invest in protecting their products”Industrial system vulnerability research experts discuss threats associated with over-the-air data transmission technologies, attack vectors targeting electric vehicles specifically, the evolution of transportation systems from a cybersecurity perspective, and the role of artificial intelligence in ensuring cybersecurity.
15 April 2025
“Security by design helps you stay one step ahead”Kaspersky expert discusses the challenges of assessing the security of industrial facilities and the role of the professional community in their protection, the reasons behind security issues in rapidly evolving industries, and the impact of digitalization on society.
30 May 2023
Why APTs are so successful – stories from IR trenchesDuring IR, while trying to figure out what went wrong, we’ve found numerous issues
12 December 2022
Unusual penetration techniques – in the wild and in Red Team researchI would like to talk about some of the tricks and methods I have seen used to gain that all important initial access to remote systems. Specifically, the unexpected and unusual.
24 May 2022
Draft of the NIST Guide #800-82 – what has changedThe release of the third version of the Guide to Operational Technology (OT) Security, SP 800-82 Rev. 3, is, without a doubt, a milestone. Is the third version as good as the previous ones? What has changed?
20 April 2022
Vulnerability in ICS: assessing the severityOn the last day of March 2022, Claroty (Team82) published an article on two vulnerabilities they had identified in Rockwell Automation products. We believe that the severity of these vulnerabilities has been significantly exaggerated. At the same time, the most dangerous vulnerability in the same products has remained unnoticed.
31 March 2022
Vulnerabilities in Tekon-Automatics solution: (ir)responsible disclosure and scope of the problemResearcher Jose Bertin described the exploitation of several vulnerabilities in a Tekon-Automatics automation solution. We analyze the real scope of what has happened and offer our take on whether this can be considered ethical vulnerability disclosure.
28 March 2022
Kaspersky’s statement on the FIRST membership suspensionKaspersky ICS CERT received a letter from FIRST, notifying that its membership has been temporarily suspended. Kaspersky is disappointed by this decision and believes that it hurts the international community of experts and the cybersecurity industry as a whole.
31 March 2021
Good old buffer overflowCISA has issued an advisory on a Rockwell Automation MicroLogix 1400 buffer overflow vulnerability
30 March 2021
Network Asset Traversal or NATural disaster: NAT Slipstreaming 2.0NAT bypassing techniques recently published by researchers are particularly dangerous for OT networks of industrial enterprises
Filter
The Kaspersky Industrial Cybersecurity Conference, one of the leading international events in the field of industrial cybersecurity, takes place from September 23 to 25.
As the industrial landscape evolves, so do the threats that accompany it. While many industrial threats may be developing slowly from year to year, subtle changes are reaching a critical mass, poised to reshape the cybersecurity landscape in the near future.
The cooperation between Kaspersky and the TÜV Austria Academy focuses on jointly implementing innovative certified training courses for specialists in information technology and industrial systems. The corresponding contract was signed at the end of November.
The 9th annual Kaspersky Industrial Cybersecurity Conference took place in Sochi on September 8-10.
Kaspersky ICS CERT experts virtually provided ICS Training for Executives
Kaspersky’s mission incorporates education on all levels, including collaborations with universities. As part of this mission, we have been working with the Deggendorf Institute of Technology (DIT) for the past eighteen months.
Beijing, 23-27 December 2019: Kaspersky ICS CERT together with the China Industrial Control Systems Cyber Emergency Response Team (CIC) conducted a training course on digital forensics and incident response in industrial control systems.
October 14 and 15, 2019, Kaspersky ICS CERT experts provided an exclusive two-day training program on applied industrial cybersecurity at the Deggendorf Institute of Technology (DIT) for graduate students specializing in cybersecurity, as well as for 30 students from various DIT courses.
Kaspersky’s seventh international conference dedicated to industrial cybersecurity took place on September 18-20 in Sochi, Russia.
The finals of the Kaspersky Industrial CTF, an industrial cybersecurity contest, were just held in Singapore. The winner is the LC/BC team from Russia