Lucene search
K

5 matches found

Securelist
Securelist
added 2023/08/10 8:0 a.m.23 views

Common TTPs of attacks against industrial organizations

In 2022 we investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems. Based on similarities found between these campaigns and...

7.7AI score
Exploits0
Securelist
Securelist
added 2020/11/05 10:0 a.m.53 views

Attacks on industrial enterprises using RMS and TeamViewer: new data

Download full report PDF Executive Summary In summer 2019, Kaspersky ICS CERT identified a new wave of phishing emails containing various malicious attachments. The emails target companies and organizations from different sectors of the economy that are associated with industrial production in on...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/03/27 12:48 p.m.93 views

Ransomware Behind Norsk Hydro Attack Takes On Wiper-Like Capabilities

LockerGoga, the malware that took down Norsk Hydro last week, has taken the industrial world by storm, as researchers race to uncover more about the mysterious ransomware that crippled several of the aluminum maker’s plants. Questions still remain about how the malware first infects the system it...

0.2AI score
Exploits0References10
Securelist
Securelist
added 2018/08/01 10:0 a.m.39 views

Attacks on industrial enterprises using RMS and TeamViewer

Main facts Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. The phishing emails are disguised as legitimate commercial offers and a...

0.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/01/25 3:19 p.m.32 views

Detecting threat actors in recent German industrial attacks with Windows Defender ATP

When a Germany-based industrial conglomerate disclosed in December 2016 that it was breached early that year, the breach was revealed to be a professionally run industrial espionage attack. According to the German press, the intruders used the Winnti family of malware as their main implant, givin...

7.5AI score
Exploits0
Rows per page
Query Builder