Russian facing surge of ICS attacks exploiting Bitrix CMS flaw

SecurityWeek reports that Russia and other nearby countries, such as Belarus, Kazakhstan, Kyrgyzstan, and Uzbekistan, have experienced an influx of cyberattacks against industrial control system computers involving the exploitation of a vulnerability in the Bitrix Site Manager content management system, tracked as CVE-2022-27228. Such a spike in attacks has been attributed by Kaspersky researchers to mass infections of websites leveraging Bitrix CMS, with researchers adding the significant increase in malicious scripts and phishing pages it blocked in Russia during the second half of last year, particularly in August and September. "[The increase in attacks] was largely due to a surge in the activity of potentially dangerous advertising platforms that are often used to spread malware disguised as advertising displayed on various web resources," Kaspersky added. The findings also showed that Kaspersky was able to avert threats against 40.6% of protected devices around the globe last year, compared with 39.6% in 2021 and 38.6% in 2020.