IM
IronMonkey Threat Research
LIVE
|
Articles 27,093
|
CVEs 348,840
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,061 articles — Page 217 of 903
Kaspersky ICS CERT (English) ·

Allen-Bradley Stratix 5950 network security appliances are affected by multiple vulnerabilities. The flaws, which are due to security issues in the Cisco ASA operating system used in the devices,...

Publications
Kaspersky ICS CERT (English) ·

DoS vulnerabilities have been identified in Siemens SIPROTEC 5 relays and the EN100 communication module. These vulnerabilities can be exploited by a remote attacker without requiring any...

Publications
Kaspersky ICS CERT (English) ·

WAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMA devices. Exploitation of these vulnerabilities could enable attackers to execute arbitrary code or overwrite critical files

Publications
Kaspersky ICS CERT (English) ·

Dragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group...

Publications
Kaspersky ICS CERT (English) ·

Weak hashing algorithm allows attacker get passwords in clear text.

Advisories
Kaspersky ICS CERT (English) ·

Several companies, including Cisco, Rockwell Automation, Sierra Wireless, ABB and Siemens, have reported vulnerabilities in their industrial devices. The vendors are preparing updates to close...

Publications
Kaspersky ICS CERT (English) ·

A remote attacker can get sensitive information that expands attack surface.

Advisories
Kaspersky ICS CERT (English) ·

Serious vulnerabilities have been found in Intel processors. These flaws also affect industrial equipment. Intel has released the relevant updates and equipment vendors now need to integrate them...

Publications
Kaspersky ICS CERT (English) ·

A remote attacker can get administrative privileges using default credentials.

Advisories
Kaspersky ICS CERT (English) ·

2017 was one of the most eventful years in terms of information security incidents affecting industrial systems, and it changed the way industrial companies think about protecting key operational...

Publications
Kaspersky ICS CERT (English) ·

Vulnerabilities in Siemens SWT 3000, a system used in the energy sector, allow attackers to gain access to sensitive information, circumvent authentication and conduct a DoS attack.

Publications
Kaspersky ICS CERT (English) ·

A remote attacker can craft a malicious link and send it to a privileged user. This can cause denial of service.

Advisories
Kaspersky ICS CERT (English) ·

Siemens SCALANCE industrial solutions are affected by Dnsmasq vulnerabilities. An attacker could be able to execute arbitrary code or conduct a DoS attack.

Publications
Kaspersky ICS CERT (English) ·

A authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface.

Advisories
Kaspersky ICS CERT (English) ·

Kaspersky Lab ICS CERT experts have held the first tech talk on industrial cyber security at UC Berkeley.

Events
Kaspersky ICS CERT (English) ·

The Satori botnet has used embedded exploits to attack ports 37215 and 52869. After reaching the size of 280,000 active bots, the botnet has suddenly folded its operations.

Publications
Kaspersky ICS CERT (English) ·

Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software.

Advisories
Kaspersky ICS CERT (English) ·

The TRITON attack demonstrates an important property of attacks on industrial enterprises: they may show no signs of malicious computer activity.

Publications
Kaspersky ICS CERT (English) ·

ENISA has released a new study: “Good Practices for Security of Internet of Things in the context of Smart Manufacturing. Kaspersky Lab ICS CERT experts contributed to the study.

Critical Manufacturing Publications
Kaspersky ICS CERT (English) ·

Attackers can take advantage of vulnerabilities in the PAN-OS management interface to execute arbitrary code with superuser privileges.

Publications
Kaspersky ICS CERT (English) ·

Vulnerabilities in Intel, ARM64 and AMD processors allow unauthorized access to virtual memory contents. Vulnerable devices include industrial equipment.

Publications
Kaspersky ICS CERT (English) ·

Exploitation of vulnerabilities in Siemens SINUMERIK controllers cold allow remote code execution, privilege escalation and device denial-of-service conditions

Publications
Kaspersky ICS CERT (English) ·

LibVNCServer before a 0.9.12 release contains a heap out-of-bound write vulnerability in the server code of the file transfer extension, which can result in remote code execution.

Advisories
Kaspersky ICS CERT (English) ·

An improper input validation vulnerability has been identified in the Nari PCS-9611 protection relay. Although an exploit for the vulnerability exists, the vendor has so far not commented on the problem.

Publications
Kaspersky ICS CERT (English) ·

A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical...

Energy Publications
Kaspersky ICS CERT (English) ·

LibVNCServer before a 0.9.12 release contains multiple heap out-of-bound write vulnerabilities in VNC client code, which can result in remote code execution.

Advisories
Kaspersky ICS CERT (English) ·

Remote exploitation of discovered vulnerabilities lead to full compromise the system with Saperion webclient.

Critical Manufacturing Advisories
Kaspersky ICS CERT (English) ·

A new variant of the Mirai botnet can set up proxy servers on infected IoT devices

Publications
Kaspersky ICS CERT (English) ·

LibVNCServer before a 0.9.12 release contains a heap out-of-bound write vulnerability in a structure in VNC client code, which can result in remote code execution.

Advisories
Kaspersky ICS CERT (English) ·

28 industrial solutions by Siemens are affected by vulnerabilities in Intel ME, SPS and TXE technologies. The vendor has released patches for all of these products and made these patches available...

Publications