Publications

06 March 2026

Scenarios in which cyberattacks used to search for and select targets during military conflicts, cyberespionage campaign orchestrated and executed by AI – the quarter was rich in interesting details of incidents.

• APT,
• APT overview,
• cyberespionage,
• phishing,
• ransomware,
• spyware,
• vulnerabilities

05 February 2026

Baseline security controls and practices that help defend against diverse cyberthreats across multiple stages of an attack, and controls crucial for protecting against particular types of cyberthreats.

• APT,
• cyberespionage,
• DLL hijacking,
• hacktivists,
• industrial cybersecurity,
• living-off-the-land

01 December 2025

Using of AI, trusted relationships and historical security problems of traditional OS – there are some interesting details of attacks on industrial enterprises.

• 0-day,
• APT,
• APT overview,
• cyberespionage,
• phishing,
• ransomware,
• spyware,
• vulnerabilities

04 September 2025

Spreading from a compromised organization to its peers with hijacked emails, using the ClickFix social engineering method – non-trivial tactics and techniques were reported this quarter.

• 0-day,
• APT,
• APT overview,
• cyberespionage,
• phishing,
• ransomware,
• spyware,
• vulnerabilities

19 June 2025

Using polyglot files, involving the 7-Zip vulnerability and the 0-click vulnerability in MS Windows – there are some interesting details of attacks on industrial enterprises disclosed at this quarter.

• APT,
• APT overview,
• cyberespionage,
• mining,
• phishing,
• ransomware,
• spyware,
• statistics

25 March 2025

Abusing of Telegram to spy and put pressure on their victims’ employees, notifying the victims by printing messages on printers connected to a compromised network – we publish interesting details of attacks on industrial enterprises disclosed at this quarter.

• APT,
• APT overview,
• cyberespionage,
• mining,
• phishing,
• ransomware,
• spyware,
• statistics

26 December 2024

During the quarter, a number of research papers and technical advisories were published detailing attacks that either targeted or affected organizations in the industrial sector. From our perspective, the following are likely to be the most interesting for researchers and useful for cybersecurity practitioners

• APT,
• APT overview,
• cyberespionage,
• mining,
• phishing,
• ransomware,
• spyware,
• statistics

08 August 2022

The attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.

• APT,
• cyberespionage,
• government,
• manufacturing,
• phishing,
• TA428

16 December 2021

Kaspersky products blocked PseudoManuscrypt on more than 35,000 computers in 195 countries of the world. Targets of attacks include a significant number of industrial and government organizations, including enterprises in the military-industrial complex and research laboratories.

• APT,
• buildings automation,
• cyberespionage,
• ICS engineering,
• Lazarus,
• Manuscrypt,
• PseudoManuscrypt

02 December 2020

We present our vision of what challenges industrial cybersecurity will soon be (or already is) facing, and what to expect from cybercriminals in 2021.

• APT,
• COVID-19,
• cyberespionage,
• ransomware