HackDig : Dig high-quality web security articles

The nature of cyberincidents in 2022

Kaspersky offers various services to organizations that have been targeted by cyberattackers, such as incident response, digital forensics, and malware analysis. In our annual incident response report, we share information about the attacks that we investigated during the reporting period. Data provided in this report comes from our daily interactions with o
Publish At:2023-05-16 04:28 | Read:226989 | Comments:0 | Tags:SOC TI and IR posts Incident response Industrial threats In

Managed Detection and Response in 2022

Kaspersky Managed Detection and Response (MDR) is a service for 24/7 monitoring and response to detected incidents based on technologies and expertise of Kaspersky Security Operations Center (SOC) team. MDR allows detecting threats at any stage of the attack – both before anything is compromised and after the attackers have penetrated the company’s inf
Publish At:2023-05-02 04:28 | Read:150463 | Comments:0 | Tags:SOC TI and IR posts Industrial threats Internal Threats Sta

Threat landscape for industrial automation systems for H2 2022

Year 2022 in numbers Parameter H1 2022 H2 2022 2022 Percentage of attacked ICS computers globally 31.8% 34.3% 40.6% Main threat sources Internet 16.5% 19.9% 24.0% Email clients 7.0% 6.4% 7.9% Removable devices 3.5% 3.8% 5.2% Network folders 0.6% 0.6% 0.8% Percentage of ICS computers on which malicious objects from different categories were b
Publish At:2023-03-06 07:05 | Read:231724 | Comments:0 | Tags:Industrial threats Backdoor Industrial control systems Malwa

Reassessing cyberwarfare. Lessons learned in 2022

At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. We left the COVID-19 crisis behind hoping for a long-awaited return to normality and were immediately plunged into the chaos and uncertainty of a twentieth-century-style military conflict that posed serious risks of spreading over the continent. While the broader
Publish At:2022-12-14 07:35 | Read:570748 | Comments:0 | Tags:Kaspersky Security Bulletin APT Cyberwarfare Data leaks DDoS

ICS cyberthreats in 2023 – what to expect

Cybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. However, luckily, we did not see any sudden or catastrophic changes in the overall threat landscape – none that were difficult to handle, despite many colorful headlines in the media. As we see it, the coming year looks to be much more co
Publish At:2022-11-22 04:51 | Read:339784 | Comments:0 | Tags:Kaspersky Security Bulletin APT Hackers Industrial threats P

IT threat evolution Q3 2022

IT threat evolution in Q3 2022 IT threat evolution in Q3 2022. Non-mobile statistics IT threat evolution in Q3 2022. Mobile statistics Targeted attacks CosmicStrand:  discovery of a sophisticated UEFI rootkit In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the
Publish At:2022-11-18 04:51 | Read:402472 | Comments:0 | Tags:Malware reports Adware APT Browser Plugins Credit Cards Cryp

The secrets of Schneider Electric’s UMAS protocol

UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part numbers BMXP34*). Controllers are configured and programmed using engineering sof
Publish At:2022-09-29 05:11 | Read:417238 | Comments:0 | Tags:Industrial threats Controllers Industrial control systems Sc

Threat landscape for industrial automation systems for H1 2022

H1 2022 in numbers Geography In H1 2022, malicious objects were blocked at least once on 31.8% of ICS computers globally. Percentage of ICS computers on which malicious objects were blocked For the first time in five years of observations, the lowest percentage in the ‎first half of the year was observed in March.‎ During the period from January to March,
Publish At:2022-09-08 05:11 | Read:659953 | Comments:0 | Tags:Industrial threats Industrial control systems Malware Statis

Targeted attack on industrial enterprises and public institutions

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several countries. In the course of our research, we were able to identify over a dozen of attacked organizations. The attack targeted industrial plants, design bureaus and research institutes, government agenc
Publish At:2022-08-08 05:10 | Read:517109 | Comments:0 | Tags:APT reports APT Backdoor Cyber espionage Data theft Malware

IT threat evolution Q1 2022

IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022. Mobile statistics Targeted attacks MoonBounce: the dark side of UEFI firmware Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019
Publish At:2022-05-27 06:16 | Read:889188 | Comments:0 | Tags:Malware reports APT BlueNoroff Industrial threats Lazarus Ma

Managed detection and response in 2021

Kaspersky Managed Detection and Response (MDR) helps organizations to complement existing detection capabilities or to expand limited in-house resources to protect their infrastructure from the growing number and complexity of threats in real time. We collect telemetry from clients’ networks and analyze it using machine learning and artificial intellig
Publish At:2022-05-26 07:42 | Read:521003 | Comments:0 | Tags:Publications Industrial threats Internal Threats Statistics

ISaPWN – research on the security of ISaGRAF Runtime

In early 2020, we notified the Rockwell Automation Product Security Incident Response Team (RA PSIRT) of several vulnerabilities we had identified in the ISaGRAF Runtime execution environment. According to public sources of information, ISaGRAF Runtime is used as an automation framework in multiple products in various industries across the globe and its use
Publish At:2022-05-23 10:14 | Read:470818 | Comments:0 | Tags:Research Controllers Encryption Firmware Industrial control

Threat landscape for industrial automation systems, H2 2021

2021 is the second year we have spent living and working in the pandemic. By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2. H2 2021 Report at a glance The full report is ava
Publish At:2022-03-03 07:21 | Read:517353 | Comments:0 | Tags:Industrial threats Backdoor Industrial control systems Keylo

Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

Main facts Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. Operators of these campaigns hunt for corporate credentials, aiming to commit financial fraud or to sell them to other malicious actors. Spearphishing emails with malicious attachments sent from compromised corporate mailboxes to their contacts. The a
Publish At:2022-01-19 06:07 | Read:836397 | Comments:0 | Tags:Research Cybercrime Industrial control systems Malware Stati

PseudoManuscrypt: a mass-scale spyware attack campaign

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries. These attacks are described in the report “Lazarus targets defense industry with Th
Publish At:2021-12-16 07:19 | Read:493303 | Comments:0 | Tags:Industrial threats Data theft Industrial control systems Laz


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud