01 December 2025
APT and financial attacks on industrial organizations in Q3 2025Using of AI, trusted relationships and historical security problems of traditional OS – there are some interesting details of attacks on industrial enterprises.
Publications
Filter
20 November 2025
God Mode On: Researchers run Doom on a vehicle’s head unit after remotely attacking its modemExploiting a vulnerability identified in a modem installed in the head units of some vehicles enabled Kaspersky ICS CERT experts to gain complete control of the system.
09 October 2025
A brief overview of the main incidents in industrial cybersecurity. Q2 2025More than 130 incidents were publicly confirmed by victims. Among them are not only high-profiled technology corporations and enterprises, but also the lake dam.
23 September 2025
Threat landscape for industrial automation systems. Europe, Q2 2025In Southern and Eastern Europe, the risk of targeted attacks is high – there are high levels of email threats (phishing) and spyware. The review of key cybersecurity issues in European regions.
23 September 2025
Threat landscape for industrial automation systems. Russia, Q2 2025The region where the main threat source is the internet and the percentage of ICS computers on which miners in the form of executable files for Windows were blocked is usually high.
22 September 2025
Threat landscape for industrial automation systems. Middle East, Q2 2025The region with high risk of targeted attacks against the technological infrastructures of industrial enterprises
22 September 2025
Threat landscape for industrial automation systems. South and North America (Canada), Q2 2025The percentage of threats from email clients increased significantly in South America, and from the internet – in North America (Canada). The review of key cybersecurity issues in these regions.
19 September 2025
Threat landscape for industrial automation systems. Australia and New Zealand, Q2 2025The region ranks first in terms of the percentage of ICS computers on which malicious objects were blocked increase.
19 September 2025
Threat landscape for industrial automation systems. Asia, Q2 2025South-East Asia ranks first in the world in terms of the percentage of ICS computers on which viruses and malware for AutoCAD were blocked. The review of key cybersecurity issues in Asian regions.
18 September 2025
Threat landscape for industrial automation systems. Africa, Q2 2025The leader in the percentage of ICS computers on which malicious objects were blocked for many years. The region with low cybersecurity maturity of industrial organizations.
Filter
30 October 2025
“Security researchers are the main factor motivating automakers to invest in protecting their products”Industrial system vulnerability research experts discuss threats associated with over-the-air data transmission technologies, attack vectors targeting electric vehicles specifically, the evolution of transportation systems from a cybersecurity perspective, and the role of artificial intelligence in ensuring cybersecurity.
15 April 2025
“Security by design helps you stay one step ahead”Kaspersky expert discusses the challenges of assessing the security of industrial facilities and the role of the professional community in their protection, the reasons behind security issues in rapidly evolving industries, and the impact of digitalization on society.
30 May 2023
Why APTs are so successful – stories from IR trenchesDuring IR, while trying to figure out what went wrong, we’ve found numerous issues
12 December 2022
Unusual penetration techniques – in the wild and in Red Team researchI would like to talk about some of the tricks and methods I have seen used to gain that all important initial access to remote systems. Specifically, the unexpected and unusual.
24 May 2022
Draft of the NIST Guide #800-82 – what has changedThe release of the third version of the Guide to Operational Technology (OT) Security, SP 800-82 Rev. 3, is, without a doubt, a milestone. Is the third version as good as the previous ones? What has changed?
20 April 2022
Vulnerability in ICS: assessing the severityOn the last day of March 2022, Claroty (Team82) published an article on two vulnerabilities they had identified in Rockwell Automation products. We believe that the severity of these vulnerabilities has been significantly exaggerated. At the same time, the most dangerous vulnerability in the same products has remained unnoticed.
31 March 2022
Vulnerabilities in Tekon-Automatics solution: (ir)responsible disclosure and scope of the problemResearcher Jose Bertin described the exploitation of several vulnerabilities in a Tekon-Automatics automation solution. We analyze the real scope of what has happened and offer our take on whether this can be considered ethical vulnerability disclosure.
28 March 2022
Kaspersky’s statement on the FIRST membership suspensionKaspersky ICS CERT received a letter from FIRST, notifying that its membership has been temporarily suspended. Kaspersky is disappointed by this decision and believes that it hurts the international community of experts and the cybersecurity industry as a whole.
31 March 2021
Good old buffer overflowCISA has issued an advisory on a Rockwell Automation MicroLogix 1400 buffer overflow vulnerability
30 March 2021
Network Asset Traversal or NATural disaster: NAT Slipstreaming 2.0NAT bypassing techniques recently published by researchers are particularly dangerous for OT networks of industrial enterprises
Filter
23
Sep 2025
The Kaspersky Industrial Cybersecurity Conference, one of the leading international events in the field of industrial cybersecurity, takes place from September 23 to 25.
26
March 2024
As the industrial landscape evolves, so do the threats that accompany it. While many industrial threats may be developing slowly from year to year, subtle changes are reaching a critical mass, poised to reshape the cybersecurity landscape in the near future.
22
Dec 2021
TÜV Austria Academy will offer Kaspersky training courses
The cooperation between Kaspersky and the TÜV Austria Academy focuses on jointly implementing innovative certified training courses for specialists in information technology and industrial systems. The corresponding contract was signed at the end of November.
2
Dec 2021
Kaspersky Industrial Cybersecurity Conference 2021
The 9th annual Kaspersky Industrial Cybersecurity Conference took place in Sochi on September 8-10.
29
Oct 2021
Are industrial organizations a target for cybercriminals?
Kaspersky ICS CERT experts virtually provided ICS Training for Executives
24
Nov 2020
Kaspersky ICS CERT goes virtual with the Deggendorf Institute of Technology!
Kaspersky’s mission incorporates education on all levels, including collaborations with universities. As part of this mission, we have been working with the Deggendorf Institute of Technology (DIT) for the past eighteen months.
30
Jan 2020
Kaspersky conducts ICS digital forensics and incident response training course in China
Beijing, 23-27 December 2019: Kaspersky ICS CERT together with the China Industrial Control Systems Cyber Emergency Response Team (CIC) conducted a training course on digital forensics and incident response in industrial control systems.
6
Oct 2021
Applied industrial cybersecurity by Kaspersky at the Deggendorf Institute of Technology
October 14 and 15, 2019, Kaspersky ICS CERT experts provided an exclusive two-day training program on applied industrial cybersecurity at the Deggendorf Institute of Technology (DIT) for graduate students specializing in cybersecurity, as well as for 30 students from various DIT courses.
1
Nov 2019
7th Kaspersky Industrial Cybersecurity Conference
Kaspersky’s seventh international conference dedicated to industrial cybersecurity took place on September 18-20 in Sochi, Russia.
29
Apr 2019
Kaspersky Industrial CTF 2019 Finals Results
The finals of the Kaspersky Industrial CTF, an industrial cybersecurity contest, were just held in Singapore. The winner is the LC/BC team from Russia