Publications

07 February 2024

What UN Regulations 155 and 156 require from vehicle manufacturers in reality, and how to ensure compliance with requirements and prepare for certification if necessary

• automotive,
• automotive cybersecurity,
• ISO/SAE 21434,
• legislation,
• UN R 155

31 January 2024

Most of the described trends have been observed before. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscape

• automotive,
• hacktivists,
• logistics,
• ransomware,
• transportation

18 October 2023

Kaspersky experts discovered several detections of malware from the MATA cluster, previously attributed to the Lazarus group, compromising defense contractor companies in Eastern Europe.

• APT,
• Lazarus,
• malware,
• MATA,
• military-defense,
• phishing

05 October 2023

In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.

• 0-day,
• automotive,
• data leakage,
• data loss,
• electronics industry,
• energy sector,
• food & beverage,
• hacktivists,
• ICS engineering,
• industrial automation,
• irrigation,
• logistics,
• manufacturing,
• metallurgy,
• military-defense,
• mining,
• MOVEit MFT,
• oil & gas,
• pharmaceutical,
• phishing,
• ransomware,
• robotics,
• transportation,
• utilities,
• waste recycling

25 September 2023

An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities

• Andariel,
• APT,
• APT29,
• APT41,
• APT43,
• CloudWizard,
• CommonMagic,
• Earth Longzhi,
• Kryptik,
• Lancefly,
• Lazarus,
• malware,
• MATA,
• Mint Sandstorm,
• PlugX,
• RA,
• ransomware,
• RomCom,
• Royal,
• Snake,
• Sofacy,
• Tortoiseshell,
• Vice Society,
• Volt Typhoon,
• YoroTrooper

13 September 2023

The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.

• automotive,
• buildings automation,
• energy sector,
• ICS engineering,
• ICS integration,
• manufacturing,
• miners,
• oil & gas,
• ransomware,
• spyware,
• statistics

10 August 2023

In this part we present information on the four types of implants and two tools used during the last (third) stage of the attacks discovered.

• APT,
• cloud services,
• DLL hijacking,
• FourteenHi

31 July 2023

This part of the research is devoted to second stage malware used to gather data on infected systems of industrial organizations.

• Air-gapped networks,
• APT,
• DLL hijacking,
• FourteenHi,
• Stolen data exfiltration,
• USB removable media

20 July 2023

In this article (which is the first part of the report) we analyze common TTPs of implants used by threat actors to establish a persistent remote access channel into the infrastructure of industrial organizations.

• APT,
• APT31,
• cloud services,
• DLL hijacking,
• FourteenHi,
• MeatBall

24 March 2023

This summary provides an overview of APT attacks on industrial enterprises and activity of groups that have been observed attacking industrial organizations and critical infrastructure facilities.

• APT31,
• Budworm,
• Cloud Atlas/Inception,
• Earth Longzhi,
• EV-0530,
• IRIDIUM/Sandworm,
• Lazarus,
• POLONIUM,
• TA423/Red Ladon,
• TA428,
• Tropic Trooper,
• UNC3890,
• UNC4034/ZINC,
• Woody Rat,
• Worok