PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Security Policies

Security FeedsSecurity PoliciesFinancial malwareFeaturedTargeted Attacksfileless malware

DarkVishnya: Banks attacked through direct connection to local network

by Black Hat Sec

While novice attackers, imitating the protagonists of the U.S. drama Mr. Robot, leave USB flash drives lying around parking lots in the hope that an employee from the target company picks one up and plugs it in at the workplace, more experienced cybercriminals prefer not to rely on chance. In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack had a common springboard: an unknown device directly connected to the company’s local network. In some cases, it was…

Read More DarkVishnya: Banks attacked through direct connection to local network
Security FeedsIndustrial threatsIndustrial control systemsSecurity PoliciesCybercrimeKaspersky Security Bulletin

Threat predictions for industrial security in 2019

by Black Hat Sec

Kaspersky Security Bulletin: Threat Predictions for 2019 Cryptocurrency threat predictions for 2019 Cyberthreats to financial institutions 2019: overview and predictions The past few years have been very intense and eventful when it comes to incidents affecting the information security of industrial systems. That includes new vulnerabilities, new threat vectors, accidental infections of industrial systems and detected targeted attacks. In response, last year we developed some Threat Predictions for Industrial Security in 2018, outlining the trends most likely to unfold in the year ahead. The…

Read More Threat predictions for industrial security in 2019
Security FeedsIndustrial threatsIndustrial control systemsMalware StatisticsSecurity PoliciesFeaturedVulnerabilities and exploits

Threat Landscape for Industrial Automation Systems in H1 2018

by Black Hat Sec

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018. The main objective of these publications is to provide information support to global…

Read More Threat Landscape for Industrial Automation Systems in H1 2018
Security FeedsSecurity PoliciesPublicationsFeaturedVulnerabilities and exploitsApplication ControlVulnerability Statistics

Security assessment of corporate information systems in 2017

by Black Hat Sec

Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general summary and statistics for the cybersecurity assessments we have conducted of corporate information systems throughout 2017. We have analyzed several dozen projects for companies from various sectors, including government bodies, financial organizations, telecommunications and IT companies, as well as manufacturing and energy companies. The results and statistics on detected vulnerabilities are provided separately for each type of service provided: external…

Read More Security assessment of corporate information systems in 2017
Security FeedsIndustrial threatsICSindustrial softwareSecurity Policies

OPC UA security analysis

by Black Hat Sec

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common. We hope that this article will help software vendors achieve a higher level of protection from modern cyberattacks. We also discuss some of our techniques and…

Read More OPC UA security analysis
Security FeedsIndustrial threatsCyberespionageICSIndustrial control systemsindustrial softwareIoTMalware StatisticsSecurity PoliciesSpearphishing

Threat Landscape for Industrial Automation Systems in H2 2017

by Black Hat Sec

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017. The main objective of these publications is to provide information support to global…

Read More Threat Landscape for Industrial Automation Systems in H2 2017
Security FeedsSecurity PoliciesInternet of Things

Time of death? A therapeutic postmortem of connected medicine

by Black Hat Sec

#TheSAS2017 presentation: Smart Medicine Breaches Its “First Do No Harm” Principle At last year’s Security Analyst Summit 2017 we predicted that medical networks would be a titbit for cybercriminals. Unfortunately, we were right. The numbers of medical data breaches and leaks are increasing. According to public data, this year is no exception. For a year we have been observing how cybercriminals encrypt medical data and demand a ransom for it. How they penetrate medical networks and exfiltrate medical information, and how they find medical…

Read More Time of death? A therapeutic postmortem of connected medicine