Threat Category: Industrial threats | Page 5

The telecoms sector is under fire on all sides – hit by direct attacks on organizations and networks, indirect attacks in search of subscribers, and collateral damage from unrelated, targeted campaigns. This report reveals the many layers of vulnerability.

Expansion of the Internet makes ICS easier prey to attackers. Taking into account that initially many ICS solutions and protocols were designed for isolated environments, such availability often provides a malicious user with multiple capabilities to cause impact to the infrastructure behind the ICS due to lack of security controls.

The data collected from Kaspersky Lab products shows that the tools used to attack businesses differ from those used against home users. Let’s have a look back at the major incidents of 2015 and at the new trends we have observed in information security within the business environment.

Microsoft releases six Security Bulletins today, three of them “critical” remote code execution, to fix almost thirty CVE-enumerated vulnerabilities. None of them are known to be publicly exploited, and only a couple are known to be publicly discussed.

In this post, let’s examine several additional plugins more closely, targeting details around BE2 Siemens exploitation, and some of their unusual coding failures.

Industrial systems, critically important installations and other key facilities require the very latest protection technologies.

Our investigation and research of Duqu malware continues.

First of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only need to know that we’re talking about just two malicious programs here (at a minimum) – the main module and a keylogger.

This work-in-progress investigation tracks the Duqu Trojan and offers some answers to commonly asked questions.

On the first anniversary of Stuxnet, Roel Schouwenberg discusses gaping holes in Industrial Control Systems and the risks associated with these vulnerabilities.

Ever since Stuxnet hit the news last year, there has been an increased interest in the area of industrial control systems (ICS). This has been evidenced by the fact that we’ve seen a recent surge in public releases of zero-day (unpatched) vulnerabilities and exploits.

It is more than 20 years since the first PC virus appeared. Since then, the nature of threats has changed significantly

Reports

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

Industrial threats

Threat intelligence report for the telecommunications industry

Industrial cybersecurity threat landscape

Kaspersky Security Bulletin 2015. Evolution of cyber threats in the corporate sector

Microsoft Security Updates October 2015

BE2 extraordinary plugins, Siemens targeting, dev fails

Securing Critical Information Infrastructure: Trusted Computing Base

The Mystery of Duqu: Part Two

The Mystery of Duqu: Part One

Duqu FAQ

Lab Matters – Data breaches: critical infrastructure

SCADA exploits circulating

Changing threats, changing solutions: A history of viruses and antivirus

Reports

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

Subscribe to our weekly e-mails