Filter
25 March 2025
APT and financial attacks on industrial organizations in Q4 2024Abusing of Telegram to spy and put pressure on their victims’ employees, notifying the victims by printing messages on printers connected to a compromised network – we publish interesting details of attacks on industrial enterprises disclosed at this quarter.
29 January 2025
Threat predictions for industrial enterprises 2025Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025.
26 December 2024
APT and financial attacks on industrial organizations in Q3 2024During the quarter, a number of research papers and technical advisories were published detailing attacks that either targeted or affected organizations in the industrial sector. From our perspective, the following are likely to be the most interesting for researchers and useful for cybersecurity practitioners
25 December 2024
Threat landscape for industrial automation systems. Regions, Q3 2024The percentage of ICS computers on which malicious objects were blocked decreased from the second quarter to 22%. But the figure increased in Africa, South Asia, South-East Asia, the Middle East, Latin America, and East Asia. Regionally, the percentage ranged from 9.7% in Northern Europe to 31.5% in Africa.
25 December 2024
Threat landscape for industrial automation systems. Q3 2024The percentage of ICS computers on which malicious objects were blocked decreased by 1.5 pp from the second quarter to 22%. The biometrics sector led the surveyed industries in terms of this parameter.
10 June 2024
APT and financial attacks on industrial organizations in Q1 2024This summary provides an overview of the reports of APT and financial attacks on industrial enterprises, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
02 April 2024
APT and financial attacks on industrial organizations in H2 2023An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities
18 October 2023
Updated MATA attacks industrial companies in Eastern EuropeKaspersky experts discovered several detections of malware from the MATA cluster, previously attributed to the Lazarus group, compromising defense contractor companies in Eastern Europe.
25 September 2023
APT and financial attacks on industrial organizations in H1 2023An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities
10 August 2023
Common TTPs of attacks against industrial organizations. Implants for uploading dataIn this part we present information on the four types of implants and two tools used during the last (third) stage of the attacks discovered.
Filter
30 May 2023
Why APTs are so successful – stories from IR trenchesDuring IR, while trying to figure out what went wrong, we’ve found numerous issues
19 October 2018
New GreyEnergy malware attacks industrial networksExperts point to the similarities between the new malware and BlackEnergy, and a possible connection of the attacks with the TeleBots criminal group
06 August 2018
APT group called RASPITE attacks industrial enterprisesDragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group identified earlier by Symantec
25 October 2017
US-CERT Reports APT Attack on Critical InfrastructureUS-CERT has published a report on a targeted (APT) attack on government entities and organizations in energy, nuclear, aviation and other sectors. The attackers were interested in documents on industrial processes in targeted organizations.
Filter