Industrial threats – Page 3

Managed detection and response in 2021

Posted on May 26, 2022 by Kaspersky Security Services

Kaspersky Managed Detection and Response (MDR) services in 2021 in facts and figures: number of security incidents detected, their severity, etc. Continue reading Managed detection and response in 2021→

ISaPWN – research on the security of ISaGRAF Runtime

Posted on May 23, 2022 by Evgeny Goncharov, Artem Zinenko, Alexander Nochvay

This report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified. Continue reading ISaPWN – research on the security of ISaGRAF Runtime→

Threat landscape for industrial automation systems, H2 2021

Posted on March 3, 2022 by Kaspersky ICS CERT

By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2. Continue reading Threat landscape for industrial automation systems, H2 2021→

Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

Posted on January 19, 2022 by Kirill Kruglov

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. Continue reading Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks→

PseudoManuscrypt: a mass-scale spyware attack campaign

Posted on December 16, 2021 by Kaspersky ICS CERT

Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. Continue reading PseudoManuscrypt: a mass-scale spyware attack campaign→

Kaspersky Managed Detection and Response: interesting cases

Posted on December 15, 2021 by Petr Mareichev, Sergey Soldatov

Several interesting attacks detected by Kaspersky Managed Detection and Response (MDR): two PrintNightmare exploitation attempts, MuddyWater attack and LSASS credential dumping. Continue reading Kaspersky Managed Detection and Response: interesting cases→

Kaspersky Managed Detection and Response: interesting cases

Posted on December 15, 2021 by Petr Mareichev, Sergey Soldatov

Threats to ICS and industrial enterprises in 2022

Posted on November 23, 2021 by Evgeny Goncharov

In recent years, we have observed various trends in the changing threat landscape for industrial enterprises. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year. Continue reading Threats to ICS and industrial enterprises in 2022→

Incident response analyst report 2020

Posted on September 13, 2021 by Kaspersky Security Services, Kaspersky GERT

We deliver a range of services: incident response, digital forensics and malware analysis. Data in the report comes from our daily practices with organizations seeking assistance with full-blown incident response or complementary expert activities for their internal incident response teams. Continue reading Incident response analyst report 2020→

Threat landscape for industrial automation systems in H1 2021

Posted on September 9, 2021 by Kaspersky ICS CERT

Statistics on industrial automation system threats in the first half of 2021: by Kaspersky ICS CERT: share of attacked ICS computers, detected malware etc. Continue reading Threat landscape for industrial automation systems in H1 2021→