PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Industrial threats

NEW TOOLS

Fud 100% services packages ready for sales

We offer a monthly Crypter service to make your files undetectable encrypted! this is how it works: You zip the files you want to encrypt and send them to our email cybersec@cybeseclabs.com then we will encrypt and make your files/file fud 100% (undetectable by any antivirus) and send them back to your email! We offer 3 packages: Standard Prenium Ultimate All those packages offer some unique futures to encrypt your file!  

Windows10

Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

APTAPT reportsCyber espionageIndustrial threatsSecurity FeedsSofacySpear PhishingTargeted AttacksVulnerabilities and exploits

GreyEnergy’s overlap with Zebrocy

In October 2018, ESET published a report describing a set of activity they called GreyEnergy, which is believed to be a successor to BlackEnergy group. BlackEnergy (a.k.a. Sandworm) is best known, among other things, for having been involved in attacks against Ukrainian energy facilities in 2015, which led to power outages. Like its predecessor, GreyEnergy malware has been detected attacking industrial and ICS targets, mainly in Ukraine. Kaspersky Lab ICS CERT has identified an overlap between GreyEnergy and a Sofacy subset called “Zebrocy”. The…

APTAPT reportsIndustrial threatsLazarusNation State Sponsored EspionageOlympic DestroyerSecurity FeedsSofacyTargeted AttacksTurla

APT review of the year

What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer; everybody has partial visibility and it’s never possible to really understand the motivations of some attacks or the developments behind them. Still, with the benefit of hindsight, let’s try to approach the problem from different angles to get a better understanding of what went on. On big actors There are a few ‘traditional’ actors that are very…

CybercrimeIndustrial control systemsIndustrial threatsKaspersky Security BulletinSecurity FeedsSecurity Policies

Threat predictions for industrial security in 2019

Kaspersky Security Bulletin: Threat Predictions for 2019 Cryptocurrency threat predictions for 2019 Cyberthreats to financial institutions 2019: overview and predictions The past few years have been very intense and eventful when it comes to incidents affecting the information security of industrial systems. That includes new vulnerabilities, new threat vectors, accidental infections of industrial systems and detected targeted attacks. In response, last year we developed some Threat Predictions for Industrial Security in 2018, outlining the trends most likely to unfold in the year ahead. The…

Cyber espionageFeaturedIndustrial control systemsIndustrial threatsInternet of ThingsSecurity FeedsTargeted Attacks

Threats posed by using RATs in ICS

While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors had used RATs to attack industrial organizations. In some cases, the attackers had stealthily installed RATs on victim organizations’ computers, while in other cases, they had been able to use the RATs that were installed in the organization at the time of the attacks.…

FeaturedIndustrial control systemsIndustrial threatsMalware StatisticsSecurity FeedsSecurity PoliciesVulnerabilities and exploits

Threat Landscape for Industrial Automation Systems in H1 2018

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018. The main objective of these publications is to provide information support to global…

Dll HijackingFeaturedIndustrial threatsInternet BankingRAT TrojanRDPSecurity FeedsSocial EngineeringSpywareTargeted Attacks

Attacks on industrial enterprises using RMS and TeamViewer

Main facts Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. The phishing emails are disguised as legitimate commercial offers and are sent mainly to industrial companies located in Russia. The content of each email reflects the activity of the organization under attack and the type of work performed by the employee to whom the email is sent. According to the data…

ICSindustrial softwareIndustrial threatsSecurity FeedsSecurity Policies

OPC UA security analysis

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common. We hope that this article will help software vendors achieve a higher level of protection from modern cyberattacks. We also discuss some of our techniques and…

APT criminalAPT reportsFeaturedHackers AttacksIndustrial threatsSecurity FeedsTargeted attackVulnerabilities and exploitsWatering hole attacks

Energetic Bear/Crouching Yeti: attacks on servers

Energetic Bear/Crouching Yeti is a widely known APT group active since at least 2010. The group tends to attack different companies with a strong focus on the energy and industrial sectors. Companies attacked by Energetic Bear/Crouching Yeti are geographically distributed worldwide with a more obvious concentration in Europe and the US. In 2016-2017, the number of attacks on companies in Turkey increased significantly. The main tactics of the group include sending phishing emails with malicious documents and infecting various servers. The group uses some…

CyberespionageICSIndustrial control systemsindustrial softwareIndustrial threatsIoTMalware StatisticsSecurity FeedsSecurity PoliciesSpearphishing

Threat Landscape for Industrial Automation Systems in H2 2017

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017. The main objective of these publications is to provide information support to global…