Threat Category: Industrial threats | Page 6

In this post, let’s examine several additional plugins more closely, targeting details around BE2 Siemens exploitation, and some of their unusual coding failures.

Industrial systems, critically important installations and other key facilities require the very latest protection technologies.

Our investigation and research of Duqu malware continues.

First of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only need to know that we’re talking about just two malicious programs here (at a minimum) – the main module and a keylogger.

This work-in-progress investigation tracks the Duqu Trojan and offers some answers to commonly asked questions.

On the first anniversary of Stuxnet, Roel Schouwenberg discusses gaping holes in Industrial Control Systems and the risks associated with these vulnerabilities.

Ever since Stuxnet hit the news last year, there has been an increased interest in the area of industrial control systems (ICS). This has been evidenced by the fact that we’ve seen a recent surge in public releases of zero-day (unpatched) vulnerabilities and exploits.

It is more than 20 years since the first PC virus appeared. Since then, the nature of threats has changed significantly

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Industrial threats

BE2 extraordinary plugins, Siemens targeting, dev fails

Securing Critical Information Infrastructure: Trusted Computing Base

The Mystery of Duqu: Part Two

The Mystery of Duqu: Part One

Duqu FAQ

Lab Matters – Data breaches: critical infrastructure

SCADA exploits circulating

Changing threats, changing solutions: A history of viruses and antivirus

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails