McAfee’s Advanced Threat Research team just completed its second annual capture the flag (CTF) contest for internal employees. Based on tremendous... The post McAfee ATR Launches...

Vulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters

Sсhneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules

The vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.

DoS vulnerabilities have been disclosed in the integrated web server of Siemens SCALANCE X-200 / X-200IRT / X-300 switches. Measures proposed by the vendor do not prevent all possible attacks.

How many industrial organizations had installed backdoored SolarWinds versions? We present the results of our analysis.

See Dreambus operator for more information.

Technical report on best practice use of this fundamental data routing protocol.

Depending on your life experiences, the phrase (or country song by Eric Church) “two pink lines” may bring up a... The post Two Pink Lines appeared first on McAfee Blog.

As we gratefully move forward into the year 2021, we have to recognise that 2020 was as tumultuous in the... The post A Year in Review: Threat Landscape for 2020 appeared first on McAfee Blog.

The December 2020 revelations around the SUNBURST campaigns exploiting the SolarWinds Orion platform have revealed a new attack vector –... The post 2021 Threat Predictions Report appeared first...

It has been a while since I did some hardware hacking, and this time I want to review the basics. The LinkSys EA6100 router intrigued me since I was only able to find encrypted firmware images (or...

Abstract We introduced the “Royal Road RTF Weaponizer” in our previous blog [1] (and presented at Japan Security Analyst Conference 2020 and CPX 360 CPRCon 2020). Royal Road is a tool shared by...

Inspired by Kevin Backhouse’s great work on finding XNU remote vulnerabilities I decided to spend some time looking at CodeQL and performing some variant analysis. This lead to the discovery of a...

In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management... The post How A Device to Cloud Architecture Defends Against...

Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the... The post Additional Analysis into the SUNBURST...

Part I of II Situation In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s... The post SUNBURST Malware and SolarWinds Supply Chain Compromise...

What seemed to be at first a targeted attack against FireEye, turned out to be a much worse espionage campaign associated with APT29 that the United State has suffered from.The SolarWinds...

Today, we’re announcing a milestone in that journey: a $100M Series A funding round led by Index Ventures, Sequoia Capital, Insight Partners, and Cyberstarts.

The Islamic hacker Ardit Ferizi, who is serving 20 years for giving his support to Islamic State group has been granted compassionate release. Ardit Ferizi, aka Th3Dir3ctorY, is the hacker that...

We present our vision of what challenges industrial cybersecurity will soon be (or already is) facing, and what to expect from cybercriminals in 2021.

Kaspersky ICS CERT experts virtually provided ICS Training for Executives

Kaspersky’s mission incorporates education on all levels, including collaborations with universities. As part of this mission, we have been working with the Deggendorf Institute of Technology...

Much like other events in 2020, our annual internal hackathon took a remote format this year, sporting over 120 hackers from across the globe. We had many challenges available during the...

After rigorous assessment, Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) has officially joined FIRST – the global Forum of Incident Response and Security Teams.

The European Union Agency for Cybersecurity (ENISA) has published its guidelines for securing the internet of things supply chain. Kaspersky ICS CERT experts were among the contributors to the...

Ciao belli! On the 19th of November 2020, SONY finally released the new PlayStation 5 in the UK. A few days earlier in the US, Japan, and Canada. Of course, Play Station 5 came together with a new...

Attack by Ryuk ransomware disrupts nearly all municipal services in Canadian city of Saint John

On 2020-11-16, a campaign was reported, involving Abcbot operator, gaining initial access via , to achieve Resource hijacking. The following tools were observed: Loggerminer.

When we finally decided on a date, sensecon 2020 was little over a month away. Unlike our public client events, internally sensecon is a three day conference filled with trainings, a hackathon and...