Industrial threats

The data collected from Kaspersky Lab products shows that the tools used to attack businesses differ from those used against home users. Let’s have a look back at the major incidents of 2015 and at the new trends we have observed in information security within the business environment.

Microsoft releases six Security Bulletins today, three of them “critical” remote code execution, to fix almost thirty CVE-enumerated vulnerabilities. None of them are known to be publicly exploited, and only a couple are known to be publicly discussed.

In this post, let’s examine several additional plugins more closely, targeting details around BE2 Siemens exploitation, and some of their unusual coding failures.

Industrial systems, critically important installations and other key facilities require the very latest protection technologies.

Our investigation and research of Duqu malware continues.

First of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only need to know that we’re talking about just two malicious programs here (at a minimum) – the main module and a keylogger.

This work-in-progress investigation tracks the Duqu Trojan and offers some answers to commonly asked questions.

On the first anniversary of Stuxnet, Roel Schouwenberg discusses gaping holes in Industrial Control Systems and the risks associated with these vulnerabilities.

Ever since Stuxnet hit the news last year, there has been an increased interest in the area of industrial control systems (ICS). This has been evidenced by the fact that we’ve seen a recent surge in public releases of zero-day (unpatched) vulnerabilities and exploits.

It is more than 20 years since the first PC virus appeared. Since then, the nature of threats has changed significantly