all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Common TTPs of attacks against industrial organizations

Add to bookmarks
Aug. 10, 2023, 8:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In 2022 we investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems.


Based on similarities found between these campaigns and previously researched campaigns (e.g., ExCone, DexCone), including the use of FourteenHi variants, specific TTPs and the scope of the attack, we have medium to high confidence that a threat actor called APT31, also known as Judgment …

air-gapped attackers attacks campaigns channel data data exfiltration dexcone eastern europe europe excone exfiltration fourteenhi industrial organizations series systems ttps

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Malware Simulators cannot test Antivirus Software 4 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 4 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 7 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 10 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 14 hours ago | malware.news
accounts can consumer cracked +10
Attackers evade detection by leveraging Microsoft Graph API 14 hours ago | malware.news
api article attackers cloud +15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 15 hours ago | malware.news
article cisco credit credit monitoring +8
Code faster with generative AI, but beware the risks when you do 15 hours ago | malware.news
article can code coding +13
Proposed Bill Focuses on Voluntary AI Security Incident Reporting 15 hours ago | malware.news
ai security bill companies cybersecurity +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Network Security Administrator

@ Peraton | United States
View on infosec-jobs.com

IT Security Engineer 2

@ Oracle | BENGALURU, KARNATAKA, India
View on infosec-jobs.com

Sr Cybersecurity Forensics Specialist

@ Health Care Service Corporation | Chicago (200 E. Randolph Street)
View on infosec-jobs.com

Security Engineer

@ Apple | Hyderabad, Telangana, India
View on infosec-jobs.com

Cyber GRC & Awareness Lead

@ Origin Energy | Adelaide, SA, AU, 5000
View on infosec-jobs.com

Senior Security Analyst

@ Prenuvo | Vancouver, British Columbia, Canada
View on infosec-jobs.com
View more jobs