Common TTPs of attacks against industrial organizations
Malware Analysis, News and Indicators - Latest topics malware.news
In 2022 we investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems.
Based on similarities found between these campaigns and previously researched campaigns (e.g., ExCone, DexCone), including the use of FourteenHi variants, specific TTPs and the scope of the attack, we have medium to high confidence that a threat actor called APT31, also known as Judgment …