<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <script type="text/javascript"> /* <![CDATA[ */ var gform;gform||(document.addEventListener("gform_main_scripts_loaded",function(){gform.scriptsLoaded=!0}),window.addEventListener("DOMContentLoaded",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,initializeOnLoaded:function(o){gform.domLoaded&&gform.scriptsLoaded?o():!gform.domLoaded&&gform.scriptsLoaded?window.addEventListener("DOMContentLoaded",o):document.addEventListener("gform_main_scripts_loaded",o)},hooks:{action:{},filter:{}},addAction:function(o,n,r,t){gform.addHook("action",o,n,r,t)},addFilter:function(o,n,r,t){gform.addHook("filter",o,n,r,t)},doAction:function(o){gform.doHook("action",o,arguments)},applyFilters:function(o){return gform.doHook("filter",o,arguments)},removeAction:function(o,n){gform.removeHook("action",o,n)},removeFilter:function(o,n,r){gform.removeHook("filter",o,n,r)},addHook:function(o,n,r,t,i){null==gform.hooks[o][n]&&(gform.hooks[o][n]=[]);var e=gform.hooks[o][n];null==i&&(i=n+"_"+e.length),gform.hooks[o][n].push({tag:i,callable:r,priority:t=null==t?10:t})},doHook:function(n,o,r){var t;if(r=Array.prototype.slice.call(r,1),null!=gform.hooks[n][o]&&((o=gform.hooks[n][o]).sort(function(o,n){return o.priority-n.priority}),o.forEach(function(o){"function"!=typeof(t=o.callable)&&(t=window[t]),"action"==n?t.apply(null,r):r[0]=t.apply(null,r)})),"filter"==n)return r[0]},removeHook:function(o,n,t,i){var r;null!=gform.hooks[o][n]&&(r=(r=gform.hooks[o][n]).filter(function(o,n,r){return!!(null!=i&&i!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][n]=r)}}); /* ]]> */ </script> <link rel="profile" href="http://gmpg.org/xfn/11" /> <link rel="pingback" href="https://securelist.com/xmlrpc.php" /> <link rel="apple-touch-icon" sizes="192x192" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/favicon-192x192.png"> <link rel="icon" type="image/png" sizes="192x192" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/favicon-192x192.png"> <link rel="icon" type="image/png" sizes="96x96" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/favicon-96x96.png"> <link rel="icon" type="image/png" sizes="48x48" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/favicon-48x48.png"> <link rel="icon" type="image/png" sizes="32x32" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/favicon-32x32.png"> <link rel="icon" type="image/png" sizes="16x16" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/favicon-16x16.png"> <link rel="manifest" href="https://securelist.com/wp-content/themes/securelist2020/assets/images/favicons/site.webmanifest"> <title>Updated MATA attacks industrial companies in Eastern Europe | Securelist</title> <!-- The SEO Framework by Sybre Waaijer --> <meta name="keywords" content="Backdoor,Credentials theft,Industrial threats,Lazarus,Malware Descriptions,Malware Technologies,MATA,Spear phishing,Trojan,Vulnerabilities and exploits" /> <link rel="canonical" href="https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/" /> <meta name="description" content="In early September 2022, we discovered several new malware samples belonging to the MATA cluster. The campaign had been launched in mid&#x2d;August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry." /> <meta property="og:type" content="article" /> <meta property="og:title" content="Updated MATA attacks industrial companies in Eastern Europe" /> <meta property="og:description" content="In early September 2022, we discovered several new malware samples belonging to the MATA cluster. The campaign had been launched in mid&#x2d;August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry." /> <meta property="og:url" content="https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/" /> <meta property="og:image" content="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network.jpg" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:site" content="@Securelist" /> <meta name="twitter:creator" content="@Securelist" /> <meta name="twitter:title" content="Updated MATA attacks industrial companies in Eastern Europe" /> <meta name="twitter:description" content="In early September 2022, we discovered several new malware samples belonging to the MATA cluster. The campaign had been launched in mid&#x2d;August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry." /> <meta name="twitter:image" content="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network.jpg" /> <script type="application/ld+json">{"@context":"https://schema.org","@type":"NewsArticle","mainEntityOfPage":{"@type":"WebPage","@id":"https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/"},"headline":"Updated MATA attacks industrial companies in Eastern Europe","image":"https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network.jpg","datePublished":"2023-10-18T10:00:51+00:00","dateModified":"2023-10-18T09:49:01+00:00","author":{"@type":"Person","name":"GReAT","url":"https://securelist.com/author/great/"},"publisher":{"@type":"Organization","name":"Kaspersky","logo":{"@type":"ImageObject","url":"https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2019/06/04065705/article-logo-small_new.png","width":60,"height":60}},"description":"In early September 2022, we discovered several new malware samples belonging to the MATA cluster. The campaign had been launched in mid\u0026#x2d;August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry."}</script> <!-- / The SEO Framework by Sybre Waaijer | 60.85ms meta | 0.17ms boot --> <link rel='dns-prefetch' href='//kasperskycontenthub.com' /> <link rel='dns-prefetch' href='//securelist.com' /> <link rel='dns-prefetch' href='//www.google.com' /> <link rel='dns-prefetch' href='//media.kaspersky.com' /> <link rel="alternate" type="application/rss+xml" title="Securelist - English - Global - securelist.com &raquo; Feed" href="https://securelist.com/feed/" /> <link rel="alternate" type="application/rss+xml" title="Securelist - English - Global - securelist.com &raquo; Comments Feed" href="https://securelist.com/comments/feed/" /> <link rel="alternate" type="application/rss+xml" title="Securelist - English - Global - securelist.com &raquo; Updated MATA attacks industrial companies in Eastern Europe Comments Feed" href="https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/feed/" /> <link rel='stylesheet' id='crayon-group-css' href='//assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/css/core_style.css,wp-content/plugins/jquery-collapse-o-matic/css/light_style.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css' type='text/css' media='all' /> <link rel='stylesheet' id='taxonomy-image-plugin-public-group-css' href='//assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/taxonomy-images/css/style.css' type='text/css' media='screen' /> <script type="text/javascript" src="https://securelist.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp" id="jquery-core-js"></script> <script type="text/javascript" id="kaspersky-sso-integration-js-extra"> /* <![CDATA[ */ var kasperskySSOIntegrationData = {"authorizationURL":"https:\/\/auth.ca.uis.kaspersky.com\/connect\/authorize?client_id=securelist&client_name=Securelist&redirect_uri=https%3A%2F%2Fsecurelist.com%2Fkaspersky-sso%2Flogin%2F&response_type=code&scope=openid email profile offline_access","endSessionURL":"https:\/\/auth.ca.uis.kaspersky.com\/connect\/endsession?id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6IkNCNzFGQTExMjc4MzgyMzQ3OTAxNzlENkJGMkVBNkFCRkZGOEQ5OUYiLCJ4NXQiOiJ5M0g2RVNlRGdqUjVBWG5Xdnk2bXFfXzQyWjgiLCJ0eXAiOiJKV1QifQ.eyJhdF9oYXNoIjoiZDZVNFRvSi1MamJMdVlpR3VRNHFOQSIsInNpZCI6ImNrblhXczF5UFotYVVmRmJWQUZzN0EiLCJzdWIiOiIwMmU0MWE1My03MmY1LTQyNmYtYTUxNS1hMzFjZjc3NjZjODEiLCJhdXRoX3RpbWUiOiIxNzMyNTIyNjE2IiwiaWRwIjoiS2FzcGVyc2t5SWQiLCJrYXNwZXJza3kuc3ViX3ZlcnNpb24iOiIxIiwia2FzcGVyc2t5LnN1c3BpY2lvdXNfYXV0aGVudGljYXRpb24iOiJmYWxzZSIsIm5iZiI6MTczMjUyMjYxOSwiZXhwIjoxNzMyNjA5MDE5LCJpYXQiOjE3MzI1MjI2MTksImlzcyI6Imh0dHBzOi8vYXV0aC5jYS51aXMua2FzcGVyc2t5LmNvbSIsImF1ZCI6InNlY3VyZWxpc3QifQ.OguUvee3qrjOD6Dd5MSQFF3NfOlluXFgG5RYs3v287UUNcgvJChXtDsi0F5YA_VdzXCHz4PpZ4z9nQmK7YLleUEAFDYa1fPkE2gzooA3B8GPp66rVQBr8OFh5HpLkVOhFPk1QFGYe6igJ_7SS5CeVLci8QL6W4G6WdihuSNv9A8xhq0w5zzDT17cVJZvp_eFxoV7LYc5rHgx6MKw--NbK45pH0868zh1C_nivtFsWDGy61pk3DMBiyApBtjNAYMa409CDPKQHm6LknLVeMdedGDE64jbAXb0lD94TcHQzaSiO4QP0Vm6OWOKk1bXR21onCMoD5XrqJAaRtPtu-Yb0A&post_logout_redirect_uri=https:\/\/securelist.com\/kaspersky-sso\/logout\/"}; /* ]]> */ </script> <script type="text/javascript" id="kss_js-js-extra"> /* <![CDATA[ */ var kss = {"twitter_account":"Securelist"}; /* ]]> */ </script> <script type='text/javascript' src='//assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-lazy-load/assets/js/lazyload.js,wp-content/plugins/kaspersky-sso-integration/assets/js/main.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js'></script> <link rel="alternate" hreflang="x-default" href="https://securelist.com/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/" /> <link rel="alternate" hreflang="ru" href="https://securelist.ru/updated-mata-attacks-industrial-companies-in-eastern-europe/108310/" /> <script> window.dataLayer = window.dataLayer || []; window.dataLayer.push({ 'Author' : 'GReAT', 'PostId' : '110829', 'PublicationDate' : '2023-10-18', 'Categories': 'APT reports', 'Tags': 'Backdoor, Credentials theft, Industrial threats, Lazarus, Malware Descriptions, Malware Technologies, MATA, Spear phishing, Trojan, Vulnerabilities and exploits', }); </script> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-5CGZ3HG');</script> <!-- End Google Tag Manager --> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-WZ7LJ3');</script> <!-- End Google Tag Manager --> <link rel="https://api.w.org/" href="https://securelist.com/wp-json/" /><link rel="alternate" type="application/json" href="https://securelist.com/wp-json/wp/v2/posts/110829" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://securelist.com/xmlrpc.php?rsd" /> <link rel="alternate" type="application/json+oembed" href="https://securelist.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsecurelist.com%2Fupdated-mata-attacks-industrial-companies-in-eastern-europe%2F110829%2F" /> <link rel="alternate" type="text/xml+oembed" href="https://securelist.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsecurelist.com%2Fupdated-mata-attacks-industrial-companies-in-eastern-europe%2F110829%2F&#038;format=xml" /> <script type="text/javascript"> var sNew = document.createElement("script"); sNew.async = true; sNew.src = "https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=43&siteid=1&t=1039073399&back=https%3A%2F%2Fsecurelist.com%2Fupdated-mata-attacks-industrial-companies-in-eastern-europe%2F110829%2F" var s0 = document.getElementsByTagName('script')[0]; s0.parentNode.insertBefore(sNew, s0); </script> <script type="text/javascript"> document.write(unescape("%3Cscript src='//munchkin.marketo.net/munchkin.js' type='text/javascript'%3E%3C/script%3E")); </script> <script>Munchkin.init('802-IJN-240');</script> <meta name="google-site-verification" content="o48MojucKcP-DT5iCMR8AsvkVWP14fE78flHCqqjo50" /> <script type="text/javascript"> var jQueryMigrateHelperHasSentDowngrade = false; window.onerror = function( msg, url, line, col, error ) { // Break out early, do not processing if a downgrade reqeust was already sent. if ( jQueryMigrateHelperHasSentDowngrade ) { return true; } var xhr = new XMLHttpRequest(); var nonce = '4ed5b6ce96'; var jQueryFunctions = [ 'andSelf', 'browser', 'live', 'boxModel', 'support.boxModel', 'size', 'swap', 'clean', 'sub', ]; var match_pattern = /\)\.(.+?) is not a function/; var erroredFunction = msg.match( match_pattern ); // If there was no matching functions, do not try to downgrade. if ( typeof erroredFunction !== 'object' || typeof erroredFunction[1] === "undefined" || -1 === jQueryFunctions.indexOf( erroredFunction[1] ) ) { return true; } // Set that we've now attempted a downgrade request. jQueryMigrateHelperHasSentDowngrade = true; xhr.open( 'POST', 'https://securelist.com/wp-admin/admin-ajax.php' ); xhr.setRequestHeader( 'Content-Type', 'application/x-www-form-urlencoded' ); xhr.onload = function () { var response, reload = false; if ( 200 === xhr.status ) { try { response = JSON.parse( xhr.response ); reload = response.data.reload; } catch ( e ) { reload = false; } } // Automatically reload the page if a deprecation caused an automatic downgrade, ensure visitors get the best possible experience. if ( reload ) { location.reload(); } }; xhr.send( encodeURI( 'action=jquery-migrate-downgrade-version&_wpnonce=' + nonce ) ); // Suppress error alerts in older browsers return true; } </script> <div id="fb-root"></div> <script> (function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/all.js#xfbml=1&appId=160639043985664"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk')); </script> <script> (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = '//apis.google.com/js/platform.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> <link rel="icon" href="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/11/06125514/cropped-sl_favicon-32x32.png" sizes="32x32" /> <link rel="icon" href="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/11/06125514/cropped-sl_favicon-192x192.png" sizes="192x192" /> <link rel="apple-touch-icon" href="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/11/06125514/cropped-sl_favicon-180x180.png" /> <meta name="msapplication-TileImage" content="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/11/06125514/cropped-sl_favicon-270x270.png" /> </head> <body class="post-template-default single single-post postid-110829 single-format-standard lang-en_US c-theme--light"> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5CGZ3HG" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <!-- End Google Tag Manager (noscript) --> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-WZ7LJ3" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <!-- End Google Tag Manager (noscript) --> <div id="site-top" class="site-top"> <div class="container"> <nav class="site-nav" data-element-id="product-menu"> <div class="label"> <p>Solutions for:</p> </div> <ul id="menu-product-menu-daily-nxgen" class="site-selector"><li><a target="_blank" href="https://www.kaspersky.com/home-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_prodmen_sm-team_______d5c53f9a5bd411f7" data-element-id="product-menu-link" class="font-icons icon-home menu-item menu-item-type-custom menu-item-object-custom menu-item-87907">Home Products</a></li> <li><a title="font-icons icon-small-business" target="_blank" href="https://www.kaspersky.com/small-business-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_prodmen_sm-team_______d5c53f9a5bd411f7" data-element-id="product-menu-link" class="font-icons icon-small-business menu-item menu-item-type-custom menu-item-object-custom menu-item-87908">Small Business 1-50 employees</a></li> <li><a target="_blank" href="https://www.kaspersky.com/small-to-medium-business-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_prodmen_sm-team_______d5c53f9a5bd411f7" data-element-id="product-menu-link" class="font-icons icon-medium-business menu-item menu-item-type-custom menu-item-object-custom menu-item-87909">Medium Business 51-999 employees</a></li> <li><a target="_blank" href="https://www.kaspersky.com/enterprise-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_prodmen_sm-team_______d5c53f9a5bd411f7" data-element-id="product-menu-link" class="font-icons icon-enterprise menu-item menu-item-type-custom menu-item-object-custom menu-item-87910">Enterprise 1000+ employees</a></li> </ul> </nav> </div> </div> <header id="site-header" class="site-header js-sticky-mobile-header"> <div class="container"> <a href="" class="c-page-nav-toggle js-mobile-menu-toggle"> <span class="c-page-nav-toggle__icon"> <span></span> <span></span> <span></span> </span> </a> <a href="" class="menu-toggle"> <span></span> <span></span> <span></span> </a> <div class="c-site-title"> <div class="c-site-logo__group"> <a data-element-id="securelist-logo" href="https://securelist.com/" class="c-site-logo c-site-logo--basic"></a> <span class="c-site-tagline">by Kaspersky</span> </div> </div> <ul id="menu-my-kaspersky" class="menu-utility sticky-utility"><li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87905"><a href="https://companyaccount.kaspersky.com/account/login?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="companyaccount">CompanyAccount</a> <li class="sticky-item sticky-xl-only menu-item menu-item-type-custom menu-item-object-custom menu-item-87906"><a href="https://www.kaspersky.com/enterprise-security/contact?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="getintouch">Get In Touch</a> <li class="securelist-theme-switcher menu-item menu-item-type-custom menu-item-object-custom menu-item-99824"><a data-element-id="dark-mode" href="#" class="js-theme-switcher"><i class="font-icons icon-moon"></i>Dark mode<span class="u-hidden u-inline--dark"> off</span></a> <li class="dropdown"><a data-element-id="lang-selector" href="#" class="">English</a><ul class="sub-menu-regular"><li><a href="https://securelist.ru/updated-mata-attacks-industrial-companies-in-eastern-europe/108310/">Russian</a></li><li><a href="https://securelist.lat">Spanish</a></li></ul> </ul> <div class="c-page-search js-main-search"> <form class="c-page-search__form c-page-search__form--small js-wizardinfosys_autosearch_form" full_search_url="https://securelist.com/?s=%q%" action="https://securelist.com/" method="get"> <div class="c-form-element c-form-element--style-fill"> <div class="c-form-element__field wp_autosearch_form_wrapper"> <input name="s" class="c-form-element__text wp_autosearch_input ac_input" data-webinars="" type="text" value="" placeholder="Search..." autocomplete="off"> </div> </div> <button class="c-button c-button--icon wp_autosearch_submit"><svg class="o-icon o-svg-icon o-svg-large"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-search"></use></svg></button> </form> <div class="c-page-search__toggle js-main-search-toggle"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-search"></use></svg></div> </div> <nav class="main-nav" data-element-id="nextgen-menu"> <ul id="menu-corp-menu" class="main-menu"><li class="dropdown mega menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87706"><a href="https://www.kaspersky.com/enterprise-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Solutions</a> <ul class="submenu"> <li class="first featured featured-smaller menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87707"> <ul class="featured section-col-l-3 no-gutter"> <li class="show-figure smaller-item icon-iot-embed-security menu-item menu-item-type-custom menu-item-object-custom menu-item-87710"><figure><a href="https://www.kaspersky.com/enterprise-security/embedded-security-internet-of-things?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/iot-embed-security.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/embedded-security-internet-of-things?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Internet of Things &#038; Embedded Security</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/embedded-security-internet-of-things?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-transportation-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87712"><figure><a href="https://www.kaspersky.com/enterprise-security/industrial-solution?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/transportation-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/industrial-solution?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Industrial Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/industrial-solution?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-fraud-prevention menu-item menu-item-type-custom menu-item-object-custom menu-item-87713"><figure><a href="https://www.kaspersky.com/enterprise-security/fraud-prevention?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/fraud-prevention.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/fraud-prevention?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Fraud Prevention</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/fraud-prevention?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item menu-item menu-item-type-custom menu-item-object-custom menu-item-87711"><a href="https://www.kaspersky.com/enterprise-security/kasperskyos?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">KasperskyOS-based solutions</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/kasperskyos?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> </ul> <li> <ul class="regular"> <li class="title"><h6>Other solutions</h6> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105615"><a href="https://www.kaspersky.com/enterprise-security/security-operations-center-soc?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky for Security Operations Center</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105614"><a href="https://www.kaspersky.com/enterprise-security/kaspersky-iot-infrastructure-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky IoT Infrastructure Security</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112322"><a href="https://www.kaspersky.com/enterprise-security/kaspersky-secure-remote-workspace?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Secure Remote Workspace</a> </ul> </ul> <li class="dropdown mega menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87714"><a href="https://www.kaspersky.com/enterprise-security/industries?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Industries</a> <ul class="submenu"> <li class="first featured featured-smaller menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87715"> <ul class="featured section-col-l-3 no-gutter"> <li class="show-figure smaller-item icon-national-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87716"><figure><a href="https://www.kaspersky.com/enterprise-security/national-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/national-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/national-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">National Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/national-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-industrial-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87717"><figure><a href="https://www.kaspersky.com/enterprise-security/industrial?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/industrial-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/industrial?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Industrial Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/industrial?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-financial-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87718"><figure><a href="https://www.kaspersky.com/enterprise-security/finance?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/financial-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/finance?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Finance Services Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/finance?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-healthcare-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87719"><figure><a href="https://www.kaspersky.com/enterprise-security/healthcare?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/healthcare-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/healthcare?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Healthcare Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/healthcare?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-transportation-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87720"><figure><a href="https://www.kaspersky.com/enterprise-security/transportation-cybersecurity-it-infrastructure?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/transportation-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/transportation-cybersecurity-it-infrastructure?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Transportation Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/transportation-cybersecurity-it-infrastructure?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-retail-cybersecurity menu-item menu-item-type-custom menu-item-object-custom menu-item-87721"><figure><a href="https://www.kaspersky.com/enterprise-security/retail-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/retail-cybersecurity.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/retail-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Retail Cybersecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/retail-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> </ul> <li> <ul class="regular"> <li class="title"><h6>Other Industries</h6> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87724"><a href="https://www.kaspersky.com/enterprise-security/telecom?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Telecom Cybersecurity</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87725"><a href="https://www.kaspersky.com/enterprise-security/industries?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">View all</a> </ul> </ul> <li class="dropdown mega menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87726"><a href="https://www.kaspersky.com/enterprise-security/products?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Products</a> <ul class="submenu"> <li class="first featured featured-smaller menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87728"> <ul class="featured section-col-l-3 no-gutter"> <li class="show-figure smaller-item menu-item menu-item-type-custom menu-item-object-custom menu-item-112352"><a href="https://www.kaspersky.com/next?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><figure><img alt="" src="https://media.kasperskydaily.com/wp-content/uploads/sites/92/2024/04/10052437/k_Next_RGB_black_icon.png"></figure>Kaspersky Next <small class="label-inline red">NEW!</small></a><div class="desc"><p><a href="https://www.kaspersky.com/next?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item menu-item menu-item-type-custom menu-item-object-custom menu-item-112323"><a href="https://www.kaspersky.com/enterprise-security/xdr?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>XDR</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/xdr?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-endpoint-security_products menu-item menu-item-type-custom menu-item-object-custom menu-item-87727"><figure><a href="https://www.kaspersky.com/enterprise-security/endpoint?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/endpoint-security_products.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/endpoint?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Endpoint Security for Business</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/endpoint?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-endpoint-detection-and-response menu-item menu-item-type-custom menu-item-object-custom menu-item-112324"><figure><a href="https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/endpoint-detection-and-response.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>EDR Expert</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-hybrid-cloud-security_products menu-item menu-item-type-custom menu-item-object-custom menu-item-87730"><figure><a href="https://www.kaspersky.com/enterprise-security/edr-security-software-solution?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/hybrid-cloud-security_products.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/edr-security-software-solution?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>EDR Optimum</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/edr-security-software-solution?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-anti-targeted-attack-platform menu-item menu-item-type-custom menu-item-object-custom menu-item-87731"><figure><a href="https://www.kaspersky.com/enterprise-security/anti-targeted-attack-platform?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/anti-targeted-attack-platform.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/anti-targeted-attack-platform?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Anti Targeted Attack Platform</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/anti-targeted-attack-platform?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item menu-item menu-item-type-custom menu-item-object-custom menu-item-112325"><a href="https://www.kaspersky.com/enterprise-security/cloud-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Hybrid Cloud Security</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/cloud-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item menu-item menu-item-type-custom menu-item-object-custom menu-item-112326"><a href="https://www.kaspersky.com/enterprise-security/sd-wan?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>SD-WAN</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/sd-wan?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-private-security-network menu-item menu-item-type-custom menu-item-object-custom menu-item-87732"><figure><a href="https://www.kaspersky.com/enterprise-security/industrial-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/private-security-network.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/industrial-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Industrial CyberSecurity</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/industrial-cybersecurity?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-embedded-systems-security menu-item menu-item-type-custom menu-item-object-custom menu-item-87733"><figure><a href="https://www.kaspersky.com/enterprise-security/container-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/embedded-systems-security.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/container-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Container Security</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/container-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> </ul> <li> <ul class="regular"> <li class="title"><h6>Other Products</h6> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112328"><a href="https://www.kaspersky.com/enterprise-security/products/internet-gateway?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Security for Internet Gateway</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112329"><a href="https://www.kaspersky.com/enterprise-security/embedded-systems?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Embedded Systems Security</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112330"><a href="https://www.kaspersky.com/enterprise-security/kaspersky-iot-infrastructure-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky IoT Infrastructure Security</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112331"><a href="https://www.kaspersky.com/enterprise-security/kaspersky-secure-remote-workspace?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Secure Remote Workspace</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112332"><a href="https://www.kaspersky.com/enterprise-security/mail-server-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Security for Mail Server</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87740"><a target="_blank" href="https://www.kaspersky.com/enterprise-security/products?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">View All</a> </ul> </ul> <li class="dropdown mega menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87741"><a href="https://www.kaspersky.com/enterprise-security/services?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Services</a> <ul class="submenu"> <li class="first featured featured-smaller menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87742"> <ul class="featured section-col-l-3 no-gutter"> <li class="show-figure smaller-item icon-cybersecurity-services menu-item menu-item-type-custom menu-item-object-custom menu-item-87743"><figure><a href="https://www.kaspersky.com/enterprise-security/cybersecurity-services?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/cybersecurity-services.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/cybersecurity-services?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Cybersecurity Services</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/cybersecurity-services?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item menu-item menu-item-type-custom menu-item-object-custom menu-item-105619"><a href="https://www.kaspersky.com/enterprise-security/security-awareness?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Security Awareness</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/security-awareness?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-premium-support menu-item menu-item-type-custom menu-item-object-custom menu-item-87745"><figure><a href="https://www.kaspersky.com/enterprise-security/premium-support?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/premium-support.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/premium-support?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Premium Support</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/premium-support?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-threat-intelligence menu-item menu-item-type-custom menu-item-object-custom menu-item-87746"><figure><a href="https://www.kaspersky.com/enterprise-security/threat-intelligence?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/threat-intelligence.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/threat-intelligence?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Threat Intelligence</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/threat-intelligence?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-incident-response menu-item menu-item-type-custom menu-item-object-custom menu-item-87748"><figure><a href="https://www.kaspersky.com/enterprise-security/managed-detection-and-response?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/incident-response.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/managed-detection-and-response?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Managed Detection and Response</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/managed-detection-and-response?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-threat-hunting menu-item menu-item-type-custom menu-item-object-custom menu-item-87747"><figure><a href="https://www.kaspersky.com/enterprise-security/compromise-assessment?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/threat-hunting.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/compromise-assessment?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>Compromise Assessment</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/compromise-assessment?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> <li class="show-figure smaller-item icon-threat-hunting menu-item menu-item-type-custom menu-item-object-custom menu-item-112333"><figure><a href="https://www.kaspersky.com/enterprise-security/soc-consulting?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/threat-hunting.png"</a></figure><a href="https://www.kaspersky.com/enterprise-security/soc-consulting?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link"><span class="surtitle">Kaspersky</span>SOC Consulting</a><div class="desc"><p><a href="https://www.kaspersky.com/enterprise-security/soc-consulting?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f">Learn More</a></p></div> </ul> <li> <ul class="regular"> <li class="title"><h6>Other Services</h6> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87751"><a href="https://www.kaspersky.com/enterprise-security/professional-services?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Professional Services</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87752"><a href="https://www.kaspersky.com/enterprise-security/incident-response?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Incident Response</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87753"><a href="https://www.kaspersky.com/enterprise-security/cyber-security-training?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Kaspersky Cybersecurity Training</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87755"><a href="https://www.kaspersky.com/enterprise-security/services?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">View All</a> </ul> </ul> <li class="dropdown menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87756"><a href="https://www.kaspersky.com/enterprise-security/resources?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Resource Center</a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87757"><a href="https://www.kaspersky.com/enterprise-security/resources/case-studies?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Case Studies</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87758"><a href="https://www.kaspersky.com/enterprise-security/resources/white-papers?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">White Papers</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87759"><a href="https://www.kaspersky.com/enterprise-security/resources/data-sheets?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Datasheets</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87760"><a href="https://www.kaspersky.com/enterprise-security/wiki-section/home?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Technologies</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105620"><a href="https://www.kaspersky.com/MITRE?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">MITRE ATT&#038;CK</a> </ul> <li class="dropdown menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-87761"><a href="https://www.kaspersky.com/about?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">About Us</a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105621"><a href="https://www.kaspersky.com/about/transparency?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Transparency</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105622"><a href="https://www.kaspersky.com/about/press-releases?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Corporate News</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105623"><a href="https://press.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Press Center</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105624"><a href="https://www.kaspersky.com/about/careers?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Careers</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105626"><a href="https://www.kaspersky.com/about/sponsorships/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Sponsorship</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105627"><a href="https://www.kaspersky.com/about/policy-blog?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Policy Blog</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105628"><a href="https://www.kaspersky.com/about/contact?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">Contacts</a> </ul> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87762"><a href="https://www.kaspersky.com/gdpr?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="nextgen-menu-link">GDPR</a> </ul> </nav> </div> </header> <div class="mobile-menu-wrapper mobile-menu-wrapper--dark"> <ul class="mobile-nav" data-back="Back"> <li class="selector"> <a data-element-id="subscribe-button" href="#modal-newsletter" class="button-link js-modal-open"><i class="font-icons icon-envelope"></i>Subscribe</a> <a href="#" class="button-link c-theme-switcher js-theme-switcher"><i class="font-icons icon-moon"></i> Dark mode<span class="u-hidden u-inline--dark"> off</span></a> <a data-element-id="login-button" href="#" class="button-link js-kaspersky-sso-login"><svg class="o-icon o-svg-icon"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-user"></use></svg>Login</a> </li> <li class="title"> <span>Securelist menu</span> </li> <li class="parent" data-parent data-icon="top-item"><a data-element-id="lang-selector" href="#" class=""><i class="top-item"></i><span>English</span></a><ul class="submenu"><li class="menu-item"><a href="https://securelist.ru/updated-mata-attacks-industrial-companies-in-eastern-europe/108310/">Russian</a></li><li class="menu-item"><a href="https://securelist.lat">Spanish</a></li></ul> <li class="parent" data-parent="Existing Customers" data-icon="font-icons top-item"><a rel="Existing Customers" href="#"><i class="font-icons top-item"></i><span>Existing Customers</span></a> <ul class="submenu"> <li class="parent" data-parent="Personal" data-icon="top-item"><a rel="Personal" href="#"><i class="top-item"></i><span>Personal</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87860"><a href="https://my.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">My Kaspersky</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105987"><a href="https://www.kaspersky.com/renewal-center/home?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Renew your product</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105988"><a href="https://www.kaspersky.com/downloads?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Update your product</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105989"><a href="https://support.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Customer support</a> </ul> <li class="parent" data-parent="Business" data-icon="top-item"><a rel="Business" href="#"><i class="top-item"></i><span>Business</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105991"><a href="https://ksos.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">KSOS portal</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105992"><a href="https://cloud.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Kaspersky Business Hub</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105993"><a href="https://support.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Technical Support</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105994"><a href="https://www.kaspersky.com/small-to-medium-business-security/resources?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Knowledge Base</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-105995"><a href="https://www.kaspersky.com/renewal-center/vsb?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Renew License</a> </ul> </ul> <li class="parent" data-parent="Home" data-icon="font-icons top-item"><a rel="Home" href="#"><i class="font-icons top-item"></i><span>Home</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87778"><a href="https://www.kaspersky.com/home-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Products</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87771"><a href="https://www.kaspersky.com/downloads?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Trials&#038;Update</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87859"><a href="https://www.kaspersky.com/resource-center?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Resource Center</a> </ul> <li class="parent" data-parent="Business" data-icon="top-item"><a rel="Business" href="#"><i class="top-item"></i><span>Business</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-112353"><a href="https://www.kaspersky.com/next?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Kaspersky Next</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87776"><a href="https://www.kaspersky.com/small-business-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Small Business (1-50 employees)</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87782"><a href="https://www.kaspersky.com/small-to-medium-business-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Medium Business (51-999 employees)</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87783"><a href="https://www.kaspersky.com/enterprise-security?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Enterprise (1000+ employees)</a> </ul> <li class="splitter"></li> <li class="title"><span>Securelist</span> <li class="parent" data-parent="" data-icon="top-item"><a href="https://securelist.com/threat-categories/"><i class="top-item"></i><span>Threats</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89472"><a href="https://securelist.com/threat-category/financial-threats/">Financial threats</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89467"><a href="https://securelist.com/threat-category/mobile-threats/">Mobile threats</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89471"><a href="https://securelist.com/threat-category/web-threats/">Web threats</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89468"><a href="https://securelist.com/threat-category/secure-environment/">Secure environment (IoT)</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89470"><a href="https://securelist.com/threat-category/vulnerabilities-and-exploits/">Vulnerabilities and exploits</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89466"><a href="https://securelist.com/threat-category/spam-and-phishing/">Spam and Phishing</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category current-post-ancestor current-menu-parent current-post-parent menu-item-89469"><a href="https://securelist.com/threat-category/industrial-threats/">Industrial threats</a> </ul> <li class="parent" data-parent="" data-icon="top-item"><a href="https://securelist.com/categories/"><i class="top-item"></i><span>Categories</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-taxonomy menu-item-object-category current-post-ancestor current-menu-parent current-post-parent menu-item-87880"><a href="https://securelist.com/category/apt-reports/">APT reports</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-87881"><a href="https://securelist.com/category/incidents/">Incidents</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-87886"><a href="https://securelist.com/category/research/">Research</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-89476"><a href="https://securelist.com/category/malware-reports/">Malware reports</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-89479"><a href="https://securelist.com/category/spam-and-phishing-reports/">Spam and phishing reports</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-89477"><a href="https://securelist.com/category/publications/">Publications</a> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-87882"><a href="https://securelist.com/category/kaspersky-security-bulletin/">Kaspersky Security Bulletin</a> </ul> <li class="menu-item menu-item-type-post_type menu-item-object-page current_page_parent menu-item-101953"><a href="https://securelist.com/all/">Archive</a> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-87899"><a href="https://securelist.com/tags/">All Tags</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-101954"><a href="https://apt.securelist.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">APT Logbook</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-101955"><a href="https://securelist.com/webinars/">Webinars</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-102687"><a href="https://statistics.securelist.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Statistics</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87901"><a target="_blank" href="https://encyclopedia.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Encyclopedia</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87902"><a target="_blank" href="https://threats.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Threats descriptions</a> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-105984"><a href="https://securelist.com/ksb-2021/">KSB 2021</a> <li class="splitter"></li> <li class="parent" data-parent="About Us" data-icon="top-item"><a rel="About Us" href="#"><i class="top-item"></i><span>About Us</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87792"><a href="https://www.kaspersky.com/about/company?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Company</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87968"><a href="https://www.kaspersky.com/transparency?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Transparency</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87971"><a href="https://www.kaspersky.com/about/press-releases?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Corporate News</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87796"><a href="https://press.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Press Center</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87797"><a href="https://www.kaspersky.com/about/careers?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Careers</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87798"><a href="https://www.kaspersky.com/about/sponsorships/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Sponsorships</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87970"><a href="https://www.kaspersky.com/about/policy-blog?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Policy Blog</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87793"><a href="https://www.kaspersky.com/about/contact?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Contacts</a> </ul> <li class="parent" data-parent="Partners" data-icon="top-item"><a rel="Partners" href="#"><i class="top-item"></i><span>Partners</span></a> <ul class="submenu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87768"><a href="https://www.kasperskypartners.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Find a Partner</a> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-87769"><a href="https://www.kaspersky.com/partners?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_mobmen_sm-team_______03880766cb97f3a8">Partner Program</a> </ul> </ul> <div class="background-overlay"></div> </div> <div class="c-page"> <section class="c-block c-block--bg-image c-page-header js-sticky-header" style="background-image: url(https://securelist.com/wp-content/themes/securelist2020/assets/images/content/bg-gradient-01.jpg);"> <div class="o-container-fluid"> <div class="c-page-header__wrapper u-mt-spacer-base-"> <div class="o-row o-row--small-gutters"> <div class="o-col-3@md u-mt-spacer-base-"> <a data-element-id="content-menu" href="#" class="c-page-nav-toggle js-main-menu-toggle"> <span class="c-page-nav-toggle__icon"> <span></span> <span></span> <span></span> </span> <span class="c-page-nav-toggle__text">Content menu</span> <span class="c-page-nav-toggle__text c-page-nav-toggle__text--active">Close</span> </a> </div> <div class="o-col-6@md"> <form class="c-page-search__form js-main-search-popup js-wizardinfosys_autosearch_form" full_search_url="https://securelist.com/?s=%q%" action="https://securelist.com/" method="get"> <div class="c-form-element c-form-element--style-fill"> <div class="c-form-element__field wp_autosearch_form_wrapper"> <input name="s" class="c-form-element__text wp_autosearch_input ac_input" data-webinars="" type="text" value="" placeholder="Search..." autocomplete="off"> </div> </div> <button class="c-button c-button--icon wp_autosearch_submit"><svg class="o-icon o-svg-icon o-svg-large"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-search"></use></svg></button> </form> </div> <div class="o-col-3@md c-page-header__utilities"> <a data-element-id="subscribe-button" href="#modal-newsletter" class="c-button c-subscribe-modal-toggle js-modal-open"><svg class="o-icon o-svg-icon o-svg-large"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-envelope"></use></svg><span>Subscribe</span></a> <div class="c-page-header__dropdown-wrapper"> <button class="c-button c-button--icon c-user-button js-kaspersky-sso-login"><svg class="o-icon o-svg-icon o-svg-large"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-user"></use></svg></button> </div> </div> </div> </div> </div> <nav class="c-page-nav c-color--invert"> <div class="o-container-fluid"> <div class="o-row o-row--small-gutters"> <div class="o-col-3@md c-page-nav__info"> <div class="c-site-logo__group"> <a data-element-id="content-menu-securelist-logo" href="https://securelist.com/" class="c-site-logo c-site-logo--basic c-site-logo--sm"></a> <span class="c-site-tagline">by Kaspersky</span> </div> <a data-element-id="content-menu-dark-mode" href="#" class="c-theme-switcher js-theme-switcher"><i class="font-icons icon-moon"></i> Dark mode<span class="u-hidden u-inline--dark"> off</span></a> </div> <div class="o-col-9@md"> <div class="c-page-menu"> <div class="o-row c-page-menu__dividers"> <div class="o-col-4@md"><div class="c-accordion js-accordion c-accordion--reset@md"><p id="menu-item-226" class="menu-item-threats section-title accordion menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-226 c-page-menu__title u-hidden u-block@md"><a href="https://securelist.com/threat-categories/" data-element-id="content-menu-link">Threats</a></p><div class="c-accordion-toggle js-accordion-toggle"><p>Threats</p></div><div class="c-accordion-container js-accordion-container"> <ul class="sub-menu"> <li id="menu-item-99839" class="menu-item menu-item-type-taxonomy menu-item-object-threat-category current-post-ancestor current-menu-parent current-post-parent menu-item-99839"><a href="https://securelist.com/threat-category/apt-targeted-attacks/" data-element-id="content-menu-link">APT (Targeted attacks)</a></li> <li id="menu-item-89457" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-89457"><a href="https://securelist.com/threat-category/secure-environment/" data-element-id="content-menu-link">Secure environment (IoT)</a></li> <li id="menu-item-63231" class="topic-item vulnerabilities menu-item menu-item-type-custom menu-item-object-custom menu-item-63231"><a href="https://securelist.com/threat-category/mobile-threats/" data-element-id="content-menu-link">Mobile threats</a></li> <li id="menu-item-63229" class="topic-item detected menu-item menu-item-type-custom menu-item-object-custom menu-item-63229"><a href="https://securelist.com/threat-category/financial-threats/" data-element-id="content-menu-link">Financial threats</a></li> <li id="menu-item-89458" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-89458"><a href="https://securelist.com/threat-category/spam-and-phishing/" data-element-id="content-menu-link">Spam and phishing</a></li> <li id="menu-item-99840" class="menu-item menu-item-type-taxonomy menu-item-object-threat-category current-post-ancestor current-menu-parent current-post-parent menu-item-99840"><a href="https://securelist.com/threat-category/industrial-threats/" data-element-id="content-menu-link">Industrial threats</a></li> <li id="menu-item-89465" class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89465"><a href="https://securelist.com/threat-category/web-threats/" data-element-id="content-menu-link">Web threats</a></li> <li id="menu-item-89459" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-89459"><a href="https://securelist.com/threat-category/vulnerabilities-and-exploits/" data-element-id="content-menu-link">Vulnerabilities and exploits</a></li> <li id="menu-item-113855" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-113855"><a href="https://securelist.com/threat-categories/" data-element-id="content-menu-link">All threats</a></li> </ul> </li> </li></ul></div></div></div><div class="o-col-4@md"><div class="c-accordion js-accordion c-accordion--reset@md"><p id="menu-item-230" class="menu-item-categories section-title accordion menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-230 c-page-menu__title u-hidden u-block@md"><a href="https://securelist.com/categories/" data-element-id="content-menu-link">Categories</a></p><div class="c-accordion-toggle js-accordion-toggle"><p>Categories</p></div><div class="c-accordion-container js-accordion-container"> <ul class="sub-menu"> <li id="menu-item-84158" class="menu-item menu-item-type-taxonomy menu-item-object-category current-post-ancestor current-menu-parent current-post-parent menu-item-84158"><a href="https://securelist.com/category/apt-reports/" data-element-id="content-menu-link">APT reports</a></li> <li id="menu-item-99841" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-99841"><a href="https://securelist.com/category/malware-descriptions/" data-element-id="content-menu-link">Malware descriptions</a></li> <li id="menu-item-84160" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84160"><a href="https://securelist.com/category/kaspersky-security-bulletin/" data-element-id="content-menu-link">Security Bulletin</a></li> <li id="menu-item-84161" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84161"><a href="https://securelist.com/category/malware-reports/" data-element-id="content-menu-link">Malware reports</a></li> <li id="menu-item-89460" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-89460"><a href="https://securelist.com/category/spam-and-phishing-reports/" data-element-id="content-menu-link">Spam and phishing reports</a></li> <li id="menu-item-99842" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-99842"><a href="https://securelist.com/category/security-technologies/" data-element-id="content-menu-link">Security technologies</a></li> <li id="menu-item-84165" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84165"><a href="https://securelist.com/category/research/" data-element-id="content-menu-link">Research</a></li> <li id="menu-item-84164" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84164"><a href="https://securelist.com/category/publications/" data-element-id="content-menu-link">Publications</a></li> <li id="menu-item-113876" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-113876"><a href="https://securelist.com/categories/" data-element-id="content-menu-link">All categories</a></li> </ul> </li> </li></ul></div></div></div><div class="o-col-4@md"><p id="menu-item-277" class="menu-item-tags section-title after-accordion menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-277 c-page-menu__title u-hidden u-block@md"><a data-element-id="content-menu-link">Other sections</a></p> <ul class="sub-menu"> <li id="menu-item-100526" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-100526"><a href="https://securelist.com/all/" data-element-id="content-menu-link">Archive</a></li> <li id="menu-item-57837" class="show-all-tags menu-item menu-item-type-post_type menu-item-object-page menu-item-57837"><a href="https://securelist.com/tags/" data-element-id="content-menu-link">All tags</a></li> <li id="menu-item-101956" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-101956"><a href="https://securelist.com/webinars/" data-element-id="content-menu-link">Webinars</a></li> <li id="menu-item-101126" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-101126"><a target="_blank" rel="noopener noreferrer" href="https://apt.securelist.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="content-menu-link">APT Logbook</a></li> <li id="menu-item-241" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-241"><a target="_blank" rel="noopener noreferrer" href="https://statistics.securelist.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="content-menu-link">Statistics</a></li> <li id="menu-item-86643" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-86643"><a target="_blank" rel="noopener noreferrer" href="https://encyclopedia.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="content-menu-link">Encyclopedia</a></li> <li id="menu-item-58141" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-58141"><a target="_blank" rel="noopener noreferrer" href="https://threats.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="content-menu-link">Threats descriptions</a></li> <li id="menu-item-111312" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-111312"><a href="https://securelist.com/ksb-2023/" data-element-id="content-menu-link">KSB 2023</a></li> </ul> </li> </div> </div> </div> </div> </div> </div> </nav> </section> <section class="c-block c-block--spacing-t@md c-block--spacing-b-small@md c-block--divider-internal" style="z-index:10"> <div class="o-container-fluid"> <article class="c-article"> <header class="c-article__header"> <figure class="c-article__figure u-hidden@md"> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" fetchpriority="high" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network-800x450.jpg" data-srcset="" srcset="" /> </figure> <p class="c-article__headline u-hidden@md"> <a href="https://securelist.com/category/apt-reports/" class="c-tag c-tag--primary">APT reports</a> </p> <h1 class="c-article__title">Updated MATA attacks industrial companies in Eastern Europe</h1> <div class="c-article__info"> <p class="c-article__headline u-hidden u-block@md"> <a href="https://securelist.com/category/apt-reports/" class="c-tag c-tag--primary">APT reports</a> </p> <p class="u-uppercase"><time datetime="2023-10-18T10:00:51+00:00">18 Oct 2023</time></p> <p class="c-article__reading u-ml-auto@md"> <svg class="o-icon o-svg-icon"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-hourglass"></use></svg> <span class="js-reading-time"></span> minute read </p> </div> </header> <div class="c-article__wrapper"> <div class="c-article__main"> <div class="c-highlight c-highlight--overflow-down@md js-accordion u-hidden@md"> <div class="c-accordion-toggle js-accordion-toggle"> <div class="c-highlight__header"> <div class="c-highlight__icon"> <div class="u-block--theme-light u-hidden--theme-dark"> <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/icon/icon-categories.svg" /> </div> <div class="u-block--theme-dark u-hidden--theme-light"> <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/icon/icon-categories--invert.svg" /> </div> </div> <div class="c-highlight__title"> <p>Table of Contents</p> </div> </div> </div> <div class="js-accordion-container"> <div class="c-highlight__body"> <ul class='c-list-links'><li><a href="#the-infection-chain">The infection chain</a></li><li><a href="#incident-investigation">Incident investigation</a></li><li><a href="#interesting-findings">Interesting findings</a></li></ul> </div> </div> </div> <div class="o-row c-article__container"> <div class="o-col c-article__content js-article-body"> <div class="js-reading-wrapper"> <figure class="c-article__figure u-hidden u-block@md"> <img width="1200" height="600" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network-1200x600.jpg" class="attachment-securelist-2020-thumbnail-large size-securelist-2020-thumbnail-large wp-post-image" alt="" decoding="async" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19094417/abstract_corporate_network-1200x600.jpg" data-srcset="" srcset="" /> </figure> <div class="c-article__authors u-hidden u-block@md"> <p class="c-block__title">Authors</p> <ul class="c-list-authors"> <li> <a href="https://securelist.com/author/great/" > <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/avatar-default/avatar_default_2.png"> <span>GReAT</span></a> </li> <li> <a href="https://securelist.com/author/icscert/" > <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/avatar-default/avatar_default_1.png"> <span>Kaspersky ICS CERT</span></a> </li> </ul> </div> <div class="js-reading-content"> <div class="c-wysiwyg"> <p>In early September 2022, we discovered several new malware samples belonging to the MATA cluster. As we were collecting and analyzing the relevant telemetry data, we realized the campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry.</p> <p>The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an internet browser. Each phishing document contains an external link to fetch a remote page containing a CVE-2021-26411 exploit. The attackers continued to send malicious documents via email until the end of September 2022. Overall, the campaign remained active over 6 months, until May 2023.</p> <h2 id="the-infection-chain">The infection chain</h2> <p>After analyzing the timeline and functionality of each malware, we have determined the infection chain of the campaign, although some parts remain unknown due to limited visibility. The attacker employed a combination of loader, main trojan, and stealer infection chains similar to those used by the previous MATA cluster and updated each malware&#8217;s capabilities. Moreover, they introduced a process to validate compromised victims to ensure careful malware delivery.</p> <div id="attachment_110830" style="width: 1034px" class="wp-caption aligncenter"><a href="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain.png" class="magnificImage"><img loading="lazy" decoding="async" aria-describedby="caption-attachment-110830" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-1024x427.png" alt="" width="1024" height="427" class="size-large wp-image-110830" srcset="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-1024x427.png 1024w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-300x125.png 300w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-768x320.png 768w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-419x175.png 419w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-370x154.png 370w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-671x280.png 671w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain-800x334.png 800w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/17140459/new-MATA-infection-chain.png 1431w" sizes="(max-width: 1024px) 100vw, 1024px" /></a><p id="caption-attachment-110830" class="wp-caption-text">The new MATA infection chain</p></div> <h2 id="incident-investigation">Incident investigation</h2> <p>A turning point in the investigation was the discovery of two MATA samples that had internal IP addresses set as C&#038;C server addresses. Attackers often create a chain of proxy servers within a corporate network to communicate between the malware and C&#038;C, for example, if the infected system does not have direct access to the internet. Of course, we have seen this before, but in this case the malware configuration included IP addresses from a subnet we were unfamiliar with at the time, and it caught our attention. We immediately notified the affected organization of the likely compromise of systems with these IP addresses and received a swift response. </p> <p>Starting to investigate this case we realized that the compromised systems were financial software servers and that these servers were having network access to several dozen subsidiaries of the targeted organization. At that point, we realized the compromise of one plant&#8217;s domain controller was just the tip of the iceberg. As we continued our investigation, we found that the attackers started the attack from the factory, using a phishing email, and progressed through the network until they discovered the shortcut of an RDP connection to the parent company&#8217;s terminal server. Then they acquired the user&#8217;s credentials and connected to the terminal server. After that, attackers repeated everything they had done at the attacked plant, but this time on the scale of the entire parent company. Using a vulnerability in a legitimate driver and a rootkit, they interfered with the antivirus, intercepted user credentials (many of which were cached on the terminal server, including accounts with administrator privileges on many systems), and began actively moving around the network.</p> <p>Naturally, this led to the parent company&#8217;s domain controller being compromised and control being gained over even more workstations and servers. But the attackers did not stop there. Next, they were able to access the control panels of two security solutions simultaneously. First, they got control over a solution for checking the compliance of systems with information security requirements by exploiting one of its vulnerabilities. Second, with the help of this security solution, they managed to get access to the control panel of the endpoint protection solution that had not been securely configured.<br /> In both cases, security solutions were used by attackers to gather information about the targeted organization&#8217;s infrastructure and to distribute malware, as both systems have the capability to deploy and execute files remotely. As a result, taking over centralized systems for managing security solutions allowed the attackers to spread the malware to multiple subsidiaries at once, as well as infect servers running Unix-like systems (that they couldn&#8217;t access even after gaining full control of the organization&#8217;s domain) with Linux-variant MATA.</p> <h2 id="interesting-findings">Interesting findings</h2> <ul> <li><strong>Three new generations of the MATA malware </strong><br /> The first of the new generations is an evolution of previous MATA generation 2. Second, we dubbed &#8220;MataDoor&#8221;, has been rewritten from scratch and may be considered as generation 4. The last one we named MATA gen.5 and it has been rewritten from the scratch as well. Like previous generations, it has extensive remote control capabilities over the infected system, has a modular architecture, and provides attackers with the ability to connect to control servers using various protocols, as well as supporting flexible proxy server chains.</li> <li><strong>Linux MATA generation 3</strong><br /> As said above, we observed that the actor spread the MATA Linux version through security solutions to several Linux servers. We&#8217;ve seen identical ELF malware on several paths including anti-malware solution control server and Linux hosts. Therefore, we strongly believe that this malware was delivered by security solutions remote installation functionality. The Linux version has very similar capability to the 3rd generation MATA Windows version, and seems to have been built from the same sources.</li> <li><strong>USB propagation module capable of bridging the air-gapped networks.</strong><br /> It is a special malware module designed to send commands to the infected system via removable media. The same module is also responsible for transporting data collected by the malware on the infected system, which is also done via USB. In our opinion, this component is used by attackers to infiltrate systems that are air-gapped from subnets that have access to the internet, since such systems usually store the most sensitive information.</li> <li><strong>Stealers</strong><br /> In previous MATA activity targeting the defense industry, a stealer malware was delivered to the victim. Likewise in this attack, the actor delivered the malware responsible for stealing sensitive information through the complicated infection procedure. The actor employed a variety of stealers based on the circumstances. In some instances, they used malware that was only capable of capturing screenshots from the user&#8217;s device. In other cases, there were stealers aimed to exfiltrate stored credentials and cookies from the victim.</li> <li><strong>EDR/Security bypass tools</strong><br /> In some cases, we observed the actor took advantage of a public exploit called CallbackHell to escalate privilege and bypass endpoint security products. The exploit, which we discovered and reported in 2021, triggers CVE-2021-40449 vulnerability, a use-after-free vulnerability, in Win32k&#8217;s NtGdiResetDC API. This added layer of complexity allowed them to operate undetected and achieve their objectives more effectively. Similarly, they used the BYOD (Bring Your Own Vulnerable Driver) technique when attacking systems that had the CVE-2021-40449 vulnerability patch installed.</li> </ul> <p>For technical details of the new MATA malware, a description of the malicious infrastructure used by the actor, attribution and victimology read the full &#8220;<a href="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/10/18092216/Updated-MATA-attacks-Eastern-Europe_full-report_ENG.pdf" rel="noopener" target="_blank">Updated MATA attacks industrial companies in Eastern Europe</a>&#8221; report.</p> </div> </div> </div> <div class="c-article__footer"> <div class="c-article__categories"> <ul class="c-list-tags"> <li><a href="https://securelist.com/tag/backdoor/" class="c-link-tag"><span>Backdoor</span></a></li> <li><a href="https://securelist.com/tag/credentials-theft/" class="c-link-tag"><span>Credentials theft</span></a></li> <li><a href="https://securelist.com/tag/industrial-threats/" class="c-link-tag"><span>Industrial threats</span></a></li> <li><a href="https://securelist.com/tag/lazarus/" class="c-link-tag"><span>Lazarus</span></a></li> <li><a href="https://securelist.com/tag/malware-descriptions/" class="c-link-tag"><span>Malware Descriptions</span></a></li> <li><a href="https://securelist.com/tag/malware-technologies/" class="c-link-tag"><span>Malware Technologies</span></a></li> <li><a href="https://securelist.com/tag/mata/" class="c-link-tag"><span>MATA</span></a></li> <li><a href="https://securelist.com/tag/spear-phishing/" class="c-link-tag"><span>Spear phishing</span></a></li> <li><a href="https://securelist.com/tag/trojan/" class="c-link-tag"><span>Trojan</span></a></li> <li><a href="https://securelist.com/tag/vulnerabilities-and-exploits/" class="c-link-tag"><span>Vulnerabilities and exploits</span></a></li> </ul> </div> <div class="c-article__authors u-hidden@md"> <p class="c-title--extra-small">Authors</p> <ul class="c-list-authors"> <li> <a href="https://securelist.com/author/great/" > <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/avatar-default/avatar_default_1.png"> <span>GReAT</span></a> </li> <li> <a href="https://securelist.com/author/icscert/" > <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/avatar-default/avatar_default_2.png"> <span>Kaspersky ICS CERT</span></a> </li> </ul> </div> </div> <div id="comments" class="entry-comments c-article__comments js-comments-wrapper"> <p class="c-title--extra-small">Updated MATA attacks industrial companies in Eastern Europe</p> <div id="respond" class="comment-respond"> <h3 id="reply-title" class="u-hidden"> <small></small></h3><form action="https://securelist.com/wp-comments-post.php" method="post" id="loginform" class="comment-form"><p class="comment-notes"><span id="email-notes">Your email address will not be published.</span> <span class="required-field-message">Required fields are marked <span class="required">*</span></span></p><div class="comment-form-comment"><textarea id="comment" name="comment" style="width:100%" rows="8" aria-required="true" placeholder="Type your comment here"></textarea></div><!-- .comment-form-comment --><p class="comment-form-author"><label for="author">Name <span class="required">*</span></label> <input id="author" name="author" type="text" value="" size="30" maxlength="245" autocomplete="name" required="required" /></p> <p class="comment-form-email"><label for="email">Email <span class="required">*</span></label> <input id="email" name="email" type="text" value="" size="30" maxlength="100" aria-describedby="email-notes" autocomplete="email" required="required" /></p> <script type="text/javascript"> document.addEventListener("input", function (event) { if (!event.target.closest("#comment")) return; try{ grecaptcha.render("recaptcha-submit-btn-area", { "sitekey" : "6LfQdrAaAAAAAEb_rTrwlbyc8z0Fa9CMjELY_2Ts", "theme" : "standard" }); }catch(error){/*possible duplicated instances*/} }); </script> <script src="https://www.google.com/recaptcha/api.js?hl=en&render=explicit" async defer></script> <div id="recaptcha-submit-btn-area">&nbsp;</div> <noscript> <style type="text/css">#form-submit-save {display:none;}</style> <input name="submit" type="submit" id="submit-alt" tabindex="6" value="Submit Comment"/> </noscript> <p class="form-submit"><input name="submit" type="submit" id="commentsubmit" class="submit" value="Comment" /><a rel="nofollow" id="cancel-comment-reply-link" href="/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/#respond" style="display:none;">Cancel</a> <input type='hidden' name='comment_post_ID' value='110829' id='comment_post_ID' /> <input type='hidden' name='comment_parent' id='comment_parent' value='0' /> </p><p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="8fbee625be" /></p><p style="display: none !important;" class="akismet-fields-container" data-prefix="ak_"><label>&#916;<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="ak_js" value="20"/><script>document.getElementById( "ak_js_1" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form> </div><!-- #respond --> </div><!-- .entry-comments --> </div> <div class="o-col c-article__sidebar c-widgets--distributed u-hidden u-flex@md"> <div class="c-widget__wrapper"> <div class="c-highlight js-accordion is-active u-hidden u-block@md js-sticky-widget"> <div class="c-accordion-toggle js-accordion-toggle"> <div class="c-highlight__header"> <div class="c-highlight__icon"> <div class="u-block--theme-light u-hidden--theme-dark"> <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/icon/icon-categories.svg" /> </div> <div class="u-block--theme-dark u-hidden--theme-light"> <img src="https://securelist.com/wp-content/themes/securelist2020/assets/images/icon/icon-categories--invert.svg" /> </div> </div> <div class="c-highlight__title"> <p>Table of Contents</p> </div> </div> </div> <div class="js-accordion-container"> <div class="c-highlight__body"> <ul class='c-list-links'><li><a href="#the-infection-chain">The infection chain</a></li><li><a href="#incident-investigation">Incident investigation</a></li><li><a href="#interesting-findings">Interesting findings</a></li></ul> </div> </div> </div> </div> <div class="c-widget__wrapper"> <div class="js-sticky-widget"> <p><span class="c-tag c-tag--primary">GReAT webinars</span></p> <div class="o-row o-row--small-gutters"> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <div class="c-card__body"> <header class="c-card__header"> <time datetime="2021-05-13T13:00:00+00:00" class="c-card__event-date"> 13 May 2021, 1:00pm </time> <h3 class="c-card__title c-card__title--has-icon"><a href="https://securelist.com/webinars/great-ideas-balalaika-edition/" class="c-card__title-icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></a><a href="https://securelist.com/webinars/great-ideas-balalaika-edition/" class="c-card__link">GReAT Ideas. Balalaika Edition</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/borislarin/" > <span>Boris Larin</span></a> </li> <li> <a href="https://securelist.com/author/denislegezo/" > <span>Denis Legezo</span></a> </li> </ul> </div> </footer> </div> </article> <article class="c-card c-card--hor-reverse@xs u-items-center"> <div class="c-card__body"> <header class="c-card__header"> <time datetime="2021-02-26T12:00:00+00:00" class="c-card__event-date"> 26 Feb 2021, 12:00pm </time> <h3 class="c-card__title c-card__title--has-icon"><a href="https://securelist.com/webinars/great-ideas-green-tea-edition/" class="c-card__title-icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></a><a href="https://securelist.com/webinars/great-ideas-green-tea-edition/" class="c-card__link">GReAT Ideas. Green Tea Edition</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/johnhultquist/" > <span>John Hultquist</span></a> </li> <li> <a href="https://securelist.com/author/brian_bartholomew/" > <span>Brian Bartholomew</span></a> </li> <li> <a href="https://securelist.com/author/suguru/" > <span>Suguru Ishimaru</span></a> </li> <li> <a href="https://securelist.com/author/vitalykamluk/" > <span>Vitaly Kamluk</span></a> </li> <li> <a href="https://securelist.com/author/seongsupark/" > <span>Seongsu Park</span></a> </li> <li> <a href="https://securelist.com/author/yusukeniwa/" > <span>Yusuke Niwa</span></a> </li> <li> <a href="https://securelist.com/author/motohikosato/" > <span>Motohiko Sato</span></a> </li> </ul> </div> </footer> </div> </article> <article class="c-card c-card--hor-reverse@xs u-items-center"> <div class="c-card__body"> <header class="c-card__header"> <time datetime="2020-06-17T13:00:00+00:00" class="c-card__event-date"> 17 Jun 2020, 1:00pm </time> <h3 class="c-card__title c-card__title--has-icon"><a href="https://securelist.com/webinars/great-ideas-powered-by-sas-malware-attribution-and-next-gen-iot-honeypots/" class="c-card__title-icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></a><a href="https://securelist.com/webinars/great-ideas-powered-by-sas-malware-attribution-and-next-gen-iot-honeypots/" class="c-card__link">GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/marcopreuss/" > <span>Marco Preuss</span></a> </li> <li> <a href="https://securelist.com/author/denislegezo/" > <span>Denis Legezo</span></a> </li> <li> <a href="https://securelist.com/author/costin/" > <span>Costin Raiu</span></a> </li> <li> <a href="https://securelist.com/author/kurtb/" > <span>Kurt Baumgartner</span></a> </li> <li> <a href="https://securelist.com/author/dandemeter/" > <span>Dan Demeter</span></a> </li> <li> <a href="https://securelist.com/author/yaroslavshmelev/" > <span>Yaroslav Shmelev</span></a> </li> </ul> </div> </footer> </div> </article> <article class="c-card c-card--hor-reverse@xs u-items-center"> <div class="c-card__body"> <header class="c-card__header"> <time datetime="2020-08-26T14:00:00+00:00" class="c-card__event-date"> 26 Aug 2020, 2:00pm </time> <h3 class="c-card__title c-card__title--has-icon"><a href="https://securelist.com/webinars/great-ideas-powered-by-sas-threat-actors-advance-on-new-fronts/" class="c-card__title-icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></a><a href="https://securelist.com/webinars/great-ideas-powered-by-sas-threat-actors-advance-on-new-fronts/" class="c-card__link">GReAT Ideas. Powered by SAS: threat actors advance on new fronts</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/ivankwiatkowski/" > <span>Ivan Kwiatkowski</span></a> </li> <li> <a href="https://securelist.com/author/maheryamout/" > <span>Maher Yamout</span></a> </li> <li> <a href="https://securelist.com/author/noushinshabab/" > <span>Noushin Shabab</span></a> </li> <li> <a href="https://securelist.com/author/pierredelcher/" > <span>Pierre Delcher</span></a> </li> <li> <a href="https://securelist.com/author/felixaime/" > <span>Félix Aime</span></a> </li> <li> <a href="https://securelist.com/author/giampaolodedola/" > <span>Giampaolo Dedola</span></a> </li> <li> <a href="https://securelist.com/author/santiago/" > <span>Santiago Pontiroli</span></a> </li> </ul> </div> </footer> </div> </article> <article class="c-card c-card--hor-reverse@xs u-items-center"> <div class="c-card__body"> <header class="c-card__header"> <time datetime="2020-07-22T14:00:00+00:00" class="c-card__event-date"> 22 Jul 2020, 2:00pm </time> <h3 class="c-card__title c-card__title--has-icon"><a href="https://securelist.com/webinars/great-ideas-powered-by-sas-threat-hunting-and-new-techniques/" class="c-card__title-icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></a><a href="https://securelist.com/webinars/great-ideas-powered-by-sas-threat-hunting-and-new-techniques/" class="c-card__link">GReAT Ideas. Powered by SAS: threat hunting and new techniques</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/dimitrybestuzhev/" > <span>Dmitry Bestuzhev</span></a> </li> <li> <a href="https://securelist.com/author/costin/" > <span>Costin Raiu</span></a> </li> <li> <a href="https://securelist.com/author/pierredelcher/" > <span>Pierre Delcher</span></a> </li> <li> <a href="https://securelist.com/author/brian_bartholomew/" > <span>Brian Bartholomew</span></a> </li> <li> <a href="https://securelist.com/author/borislarin/" > <span>Boris Larin</span></a> </li> <li> <a href="https://securelist.com/author/arieljungheit/" > <span>Ariel Jungheit</span></a> </li> <li> <a href="https://securelist.com/author/fabioa/" > <span>Fabio Assolini</span></a> </li> </ul> </div> </footer> </div> </article> </div> </div> </div> </div> <div class="c-widget__wrapper"> <div class="js-sticky-widget"> <p><span class="c-tag c-tag--primary">From the same authors</span></p> <div class="o-row o-row--small-gutters"> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/ksb-financial-and-crimeware-predictions-2025/114565/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/14073106/ksb-financial-crimeware-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" srcset="" sizes="(max-width: 800px) 100vw, 800px" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/14073106/ksb-financial-crimeware-featured-800x450.jpg" data-srcset="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/14073106/ksb-financial-crimeware-featured-800x450.jpg 800w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/14073106/ksb-financial-crimeware-featured-300x170.jpg 300w" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/ksb-financial-and-crimeware-predictions-2025/114565/" class="c-card__link">Сrimeware and financial cyberthreats in 2025</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/grandoreiro-banking-trojan/114257/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/10/21182233/SL-Grandoreiro-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/10/21182233/SL-Grandoreiro-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/grandoreiro-banking-trojan/114257/" class="c-card__link">Grandoreiro, the global trojan with grandiose goals</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/kral-amos-vidar-acr-stealers/114237/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/10/21075606/SL-stealers-fetured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/10/21075606/SL-stealers-fetured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/kral-amos-vidar-acr-stealers/114237/" class="c-card__link">Stealer here, stealer there, stealers everywhere!</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/industrial-threat-landscape-q2-2024/113981/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/09/25181518/SL-industrial-threats-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/09/25181518/SL-industrial-threats-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/industrial-threat-landscape-q2-2024/113981/" class="c-card__link">Threat landscape for industrial automation systems, Q2 2024</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/sambaspy-rat-targets-italian-users/113851/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/09/18090743/SL-SambaSpy-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/09/18090743/SL-SambaSpy-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/sambaspy-rat-targets-italian-users/113851/" class="c-card__link">Exotic SambaSpy is now dancing with Italian users</a></h3> </header> </div> </article> </div> </div> </div> </div> <div class="c-widget__wrapper"> <div class="c-widget-subscribe js-sticky-widget"> <div class="c-block__header"> <h5 class="c-title--small">Subscribe to our weekly e-mails</h5> <p>The hottest research right in your inbox</p> </div> <div class="c-form--float-labels js-float-labels"> <script type="text/javascript"></script> <div class='gf_browser_ie gf_browser_ie7 gform_wrapper gform_wrapper_original_id_11 gravity-theme subscribe-mc_wrapper' id='gform_wrapper_4234050036' ><div id='gf_4234050036' class='gform_anchor' tabindex='-1'></div><form method='post' enctype='multipart/form-data' target='gform_ajax_frame_4234050036' id='gform_4234050036' class='subscribe-mc' action='/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/#gf_4234050036' > <div class="gform-content-wrapper"><div class='gform_body gform-body'><div id='gform_fields_4234050036' class='gform_fields top_label form_sublabel_below description_below'><div id="field_11_1" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" ><label class='gfield_label screen-reader-text' for='input_4234050036_1' >Email<span class="gfield_required"><span class="gfield_required gfield_required_text">(Required)</span></span></label><div class='ginput_container ginput_container_email'> <input name='input_1' id='input_4234050036_1' type='text' value='' class='medium' placeholder='Email' aria-required="true" aria-invalid="false" /> </div></div><div id="field_11_3" class="gfield js-kaspersky-gform-recaptcha-placeholder gform_hidden field_sublabel_below field_description_below gfield_visibility_hidden" ><div class='ginput_container ginput_container_text'><input name='input_3' id='input_4234050036_3' type='hidden' class='gform_hidden' aria-invalid="false" value='' /></div></div><fieldset id="field_11_2" class="gfield input-without-label label-gdpr gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" ><legend class='gfield_label screen-reader-text gfield_label_before_complex' ><span class="gfield_required"><span class="gfield_required gfield_required_text">(Required)</span></span></legend><div class='ginput_container ginput_container_checkbox'><div class='gfield_checkbox' id='input_4234050036_2'><div class='gchoice gchoice_11_2_1'> <input class='gfield-choice-input' name='input_2.1' type='checkbox' value='I agree' id='choice_4234050036_11_2_1' /> <label for='choice_4234050036_11_2_1' id='label_4234050036_11_2_1'>I agree to provide my email address to “AO Kaspersky Lab” to receive information about new posts on the site. I understand that I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above.</label> </div></div></div></fieldset></div></div> <div class='gform_footer top_label'> <button type="submit" class="gform_button button" id='gform_submit_button_4234050036' value="Sign up"> <svg class="o-icon o-svg-icon o-svg-large"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-envelope"></use></svg> <span>Subscribe</span> </button> <input type='hidden' name='gform_ajax' value='form_id=11&amp;title=&amp;description=&amp;tabindex=0' /> <input type='hidden' class='gform_hidden' name='is_submit_11' value='1' /> <input type='hidden' class='gform_hidden' name='gform_submit' value='11' /> <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' /> <input type='hidden' class='gform_hidden' name='state_11' value='WyJbXSIsImIwODQwZTA2ZGQ0NzYwODcyOTBkZjNmZDM1NDk2Y2ZkIl0=' /> <input type='hidden' class='gform_hidden' name='gform_target_page_number_11' id='gform_target_page_number_4234050036_11' value='0' /> <input type='hidden' class='gform_hidden' name='gform_source_page_number_11' id='gform_source_page_number_4234050036_11' value='1' /> <input type='hidden' name='gform_random_id' value='4234050036' /><input type='hidden' name='gform_field_values' value='securelist_2020_form_location=sidebar' /> </div> </div><p style="display: none !important;" class="akismet-fields-container" data-prefix="ak_"><label>&#916;<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_2" name="ak_js" value="95"/><script>document.getElementById( "ak_js_2" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form> </div> <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_4234050036' id='gform_ajax_frame_4234050036' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'></iframe> <script type="text/javascript"> /* <![CDATA[ */ gform.initializeOnLoaded( function() {gformInitSpinner( 4234050036, 'https://securelist.com/wp-content/themes/securelist2020/assets/images/content/ajax-spinner-red.svg' );jQuery('#gform_ajax_frame_4234050036').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_4234050036');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_4234050036').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){jQuery('#gform_wrapper_4234050036').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_4234050036').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_4234050036').removeClass('gform_validation_error');}setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ jQuery(document).scrollTop(jQuery('#gform_wrapper_4234050036').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_4234050036_11').val();gformInitSpinner( 4234050036, 'https://securelist.com/wp-content/themes/securelist2020/assets/images/content/ajax-spinner-red.svg' );jQuery(document).trigger('gform_page_loaded', [4234050036, current_page]);window['gf_submitting_4234050036'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}setTimeout(function(){jQuery('#gform_wrapper_4234050036').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_4234050036').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [4234050036]);window['gf_submitting_4234050036'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_4234050036').text());}, 50);}else{jQuery('#gform_4234050036').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger('gform_post_render', [4234050036, current_page]);} );} ); /* ]]> */ </script> </div> </div> </div> <div class="c-widget__wrapper"> <div class="js-sticky-widget"> <p><span class="c-tag c-tag--primary">In the same category</span></p> <div class="o-row o-row--small-gutters"> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/sidewinder-apt/114089/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/10/11172712/SL-SideWinder-StealerBot-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/10/11172712/SL-SideWinder-StealerBot-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/sidewinder-apt/114089/" class="c-card__link">Beyond the Surface: the evolution and expansion of the SideWinder APT group</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/blindeagle-apt/113414/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/16173535/SL-BlindEagle-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/16173535/SL-BlindEagle-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/blindeagle-apt/113414/" class="c-card__link">BlindEagle flying high in Latin America</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/eastwind-apt-campaign/113345/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/14084410/SL-EastWind-targeted-attack-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/14084410/SL-EastWind-targeted-attack-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/eastwind-apt-campaign/113345/" class="c-card__link">EastWind campaign: new CloudSorcerer attacks on government organizations in Russia</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/apt-trends-report-q2-2024/113275/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/06073438/apt-report-q2-2024-featured-image-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/06073438/apt-report-q2-2024-featured-image-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/apt-trends-report-q2-2024/113275/" class="c-card__link">APT trends report Q2 2024</a></h3> </header> </div> </article> </div> <div class="o-col-12 c-card__dividers c-card__dividers--hide-first@xs c-card__dividers--show-last@xs"> <article class="c-card c-card--hor-reverse@xs u-items-center"> <a href="https://securelist.com/cloudsorcerer-new-apt-cloud-actor/113056/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/03121455/CloudSorcerer-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/03121455/CloudSorcerer-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a href="https://securelist.com/cloudsorcerer-new-apt-cloud-actor/113056/" class="c-card__link">CloudSorcerer – A new APT targeting Russian government entities</a></h3> </header> </div> </article> </div> </div> </div> </div> <li id="text-22" class="widget widget_text"> <div class="textwidget"><p><a href="https://www.kaspersky.com/next?icid=gl_KNext_acq_ona_smm__onl_b2b_securelist_ban_sm-team___knext___" target="_blank" rel="noopener"><img decoding="async" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/04/10092337/NEXT_310x420_EN.jpg" width="370" /></a></p> </div> </li> </div> </div> </div> </div> <div class="c-article__progress rpi-progress-bar"> <div class="c-article__progress-bar__position rpi-progress-bar__position"></div> <div class="rpi-progress-bar__percentage"></div> </div> </article> </div> </section> <section class="c-block c-block--spacing-t-small c-block--spacing-b-small@md c-block--divider-internal"> <div class="o-container-fluid"> <h5 class="c-block__title">Latest Posts</h5> <div class="o-row o-row--small-gutters@sm c-card__row c-card__row--fixed-width-down@sm js-slider-posts-mobile"> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <a href="https://securelist.com/internet-exposed-gnss-receivers-in-2024/114548/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/13080938/SL-satellite-antennae-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/13080938/SL-satellite-antennae-featured-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline u-hidden u-block@md"> <a href="https://securelist.com/category/research/" class="c-tag c-tag--primary">Research</a> </p> <h3 class="c-card__title"><a href="https://securelist.com/internet-exposed-gnss-receivers-in-2024/114548/" class="c-card__link">Threats in space (or rather, on Earth): internet-exposed GNSS receivers</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/isabelmanjarrez/" > <span>Isabel Manjarrez</span></a> </li> </ul> </div> </footer> </div> </article> </div> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <a href="https://securelist.com/new-ymir-ransomware-found-in-colombia/114493/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/11075744/ymir-featured-image-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/11075744/ymir-featured-image-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline u-hidden u-block@md"> <a href="https://securelist.com/category/malware-descriptions/" class="c-tag c-tag--primary">Malware descriptions</a> </p> <h3 class="c-card__title"><a href="https://securelist.com/new-ymir-ransomware-found-in-colombia/114493/" class="c-card__link">Ymir: new stealthy ransomware in the wild</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/cristiansouza/" > <span>Cristian Souza</span></a> </li> <li> <a href="https://securelist.com/author/ashleymunoz/" > <span>Ashley Muñoz</span></a> </li> <li> <a href="https://securelist.com/author/eduardoovalle/" > <span>Eduardo Ovalle</span></a> </li> </ul> </div> </footer> </div> </article> </div> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <a href="https://securelist.com/cloudcomputating-qsc-framework/114438/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/07083007/cloud-computating-featured-image-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/07083007/cloud-computating-featured-image-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline u-hidden u-block@md"> <a href="https://securelist.com/category/malware-descriptions/" class="c-tag c-tag--primary">Malware descriptions</a> </p> <h3 class="c-card__title"><a href="https://securelist.com/cloudcomputating-qsc-framework/114438/" class="c-card__link">QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/saurabhsharma/" > <span>Saurabh Sharma</span></a> </li> </ul> </div> </footer> </div> </article> </div> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <a href="https://securelist.com/steelfox-trojan-drops-stealer-and-miner/114414/" class="c-card__figure" style=""> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/05093826/steelfox-featured-image-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail wp-post-image" alt="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/11/05093826/steelfox-featured-image-800x450.jpg" data-srcset="" srcset="" /> </a> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline u-hidden u-block@md"> <a href="https://securelist.com/category/malware-descriptions/" class="c-tag c-tag--primary">Malware descriptions</a> </p> <h3 class="c-card__title"><a href="https://securelist.com/steelfox-trojan-drops-stealer-and-miner/114414/" class="c-card__link">New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/kirillkorchemny/" > <span>Kirill Korchemny</span></a> </li> </ul> </div> </footer> </div> </article> </div> </div> </div> </section> <section class="c-block c-block--spacing-t-small c-block--spacing-b-small@md c-block--divider-internal" data-element-id="latest-webinars-post-section"> <div class="o-container-fluid"> <h5 class="c-block__title">Latest Webinars</h5> <div class="o-row o-row--small-gutters@sm c-card__row c-card__row--fixed-width-down@sm js-slider-posts-mobile"> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__figure"> <a href="https://securelist.com/webinars/inside-the-dark-web-exploring-the-human-side-of-cybercriminals/" class="c-card__figure-link" data-element-id="latest-webinars-post-image"> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/09/10125625/cybercriminal-portrait-webinar-800x450.png" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail" alt="" title="" decoding="async" loading="lazy" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/09/10125625/cybercriminal-portrait-webinar-800x450.png" data-srcset="" srcset="" /> </a> </div> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline"> <a href="https://securelist.com/webinar-category/threat-intelligence-and-incident-response/" class="c-tag c-tag--primary c-tag--has-icon" data-element-id="latest-webinars-post-category"><span class="c-tag__icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></span>Threat intelligence and IR</a> </p> <div class="u-flex u-justify-between"> <time datetime="2024-09-04T17:00:00+00:00" class="c-card__event-date"> 04 Sep 2024, 5:00pm </time> <span class="c-card__event-date">60 min</span> </div> <h3 class="c-card__title"><a href="https://securelist.com/webinars/inside-the-dark-web-exploring-the-human-side-of-cybercriminals/" class="c-card__link" data-element-id="latest-webinars-post-title">Inside the Dark Web: exploring the human side of cybercriminals</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/annapavlovskaya/" data-element-id="latest-webinars-post-author"> <span>Anna Pavlovskaya</span></a> </li> </ul> </div> </footer> </div> </article> </div> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__figure"> <a href="https://securelist.com/webinars/the-cybersecurity-buyers-dilemma-hype-vs-true-expertise/" class="c-card__figure-link" data-element-id="latest-webinars-post-image"> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27144737/expertise-center-webinar-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail" alt="" title="" decoding="async" loading="lazy" srcset="" sizes="(max-width: 800px) 100vw, 800px" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27144737/expertise-center-webinar-800x450.jpg" data-srcset="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27144737/expertise-center-webinar-800x450.jpg 800w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27144737/expertise-center-webinar-300x168.jpg 300w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27144737/expertise-center-webinar-500x280.jpg 500w" /> </a> </div> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline"> <a href="https://securelist.com/webinar-category/technologies-and-services/" class="c-tag c-tag--primary c-tag--has-icon" data-element-id="latest-webinars-post-category"><span class="c-tag__icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></span>Technologies and services</a> </p> <div class="u-flex u-justify-between"> <time datetime="2024-08-13T17:00:00+00:00" class="c-card__event-date"> 13 Aug 2024, 5:00pm </time> <span class="c-card__event-date">60 min</span> </div> <h3 class="c-card__title"><a href="https://securelist.com/webinars/the-cybersecurity-buyers-dilemma-hype-vs-true-expertise/" class="c-card__link" data-element-id="latest-webinars-post-title">The Cybersecurity Buyer&#8217;s Dilemma: Hype vs (True) Expertise</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/oleggorobets/" data-element-id="latest-webinars-post-author"> <span>Oleg Gorobets</span></a> </li> <li> <a href="https://securelist.com/author/alexanderliskin/" data-element-id="latest-webinars-post-author"> <span>Alexander Liskin</span></a> </li> </ul> </div> </footer> </div> </article> </div> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__figure"> <a href="https://securelist.com/webinars/cybersecuritys-human-factor-more-than-an-unpatched-vulnerability/" class="c-card__figure-link" data-element-id="latest-webinars-post-image"> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27140525/human-factor-webinar-01-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail" alt="" title="" decoding="async" loading="lazy" srcset="" sizes="(max-width: 800px) 100vw, 800px" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27140525/human-factor-webinar-01-800x450.jpg" data-srcset="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27140525/human-factor-webinar-01-800x450.jpg 800w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27140525/human-factor-webinar-01-300x168.jpg 300w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/27140525/human-factor-webinar-01-500x280.jpg 500w" /> </a> </div> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline"> <a href="https://securelist.com/webinar-category/cyberthreat-talks/" class="c-tag c-tag--primary c-tag--has-icon" data-element-id="latest-webinars-post-category"><span class="c-tag__icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></span>Cyberthreat talks</a> </p> <div class="u-flex u-justify-between"> <time datetime="2024-07-16T17:00:00+00:00" class="c-card__event-date"> 16 Jul 2024, 5:00pm </time> <span class="c-card__event-date">60 min</span> </div> <h3 class="c-card__title"><a href="https://securelist.com/webinars/cybersecuritys-human-factor-more-than-an-unpatched-vulnerability/" class="c-card__link" data-element-id="latest-webinars-post-title">Cybersecurity&#8217;s human factor – more than an unpatched vulnerability</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/oleggorobets/" data-element-id="latest-webinars-post-author"> <span>Oleg Gorobets</span></a> </li> </ul> </div> </footer> </div> </article> </div> <div class="o-col-6@sm o-col-3@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__figure"> <a href="https://securelist.com/webinars/building-and-prioritizing-detection-engineering-backlogs-with-mitre-attck/" class="c-card__figure-link" data-element-id="latest-webinars-post-image"> <img width="800" height="450" src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/09100900/sl-detection_backlog_prioritization-featured-800x450.jpg" class="attachment-securelist-2020-thumbnail size-securelist-2020-thumbnail" alt="" title="" decoding="async" loading="lazy" srcset="" sizes="(max-width: 800px) 100vw, 800px" data-src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/09100900/sl-detection_backlog_prioritization-featured-800x450.jpg" data-srcset="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/09100900/sl-detection_backlog_prioritization-featured-800x450.jpg 800w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/09100900/sl-detection_backlog_prioritization-featured-300x168.jpg 300w, https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/07/09100900/sl-detection_backlog_prioritization-featured-500x280.jpg 500w" /> </a> </div> <div class="c-card__body"> <header class="c-card__header"> <p class="c-card__headline"> <a href="https://securelist.com/webinar-category/trainings-and-workshops/" class="c-tag c-tag--primary c-tag--has-icon" data-element-id="latest-webinars-post-category"><span class="c-tag__icon"><svg class="o-icon o-svg-icon o-svg-larger"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-webinar"></use></svg></span>Trainings and workshops</a> </p> <div class="u-flex u-justify-between"> <time datetime="2024-07-09T16:00:00+00:00" class="c-card__event-date"> 09 Jul 2024, 4:00pm </time> <span class="c-card__event-date">60 min</span> </div> <h3 class="c-card__title"><a href="https://securelist.com/webinars/building-and-prioritizing-detection-engineering-backlogs-with-mitre-attck/" class="c-card__link" data-element-id="latest-webinars-post-title">Building and prioritizing detection engineering backlogs with MITRE ATT&#038;CK</a></h3> </header> <footer class="c-card__footer"> <div class="c-card__authors"> <ul class="c-list-authors c-list-authors--comma"> <li> <a href="https://securelist.com/author/andreytamoykin/" data-element-id="latest-webinars-post-author"> <span>Andrey Tamoykin</span></a> </li> </ul> </div> </footer> </div> </article> </div> </div> </div> </section> <section data-element-id="footer-reports-section" class="c-block c-block--spacing-t-small c-block--spacing-b-small@md c-block--divider-internal"> <div class="o-container-fluid"> <h5 class="c-block__title">Reports</h5> <div class="o-row o-row--small-gutters"> <div class="o-col-8@sm"> <div class="o-row o-row--small-gutters"> <div class="o-col-6@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a data-element-id="footer-reports-title" href="https://securelist.com/sidewinder-apt/114089/" class="c-card__link">Beyond the Surface: the evolution and expansion of the SideWinder APT group</a></h3> </header> <div class="c-card__desc"> <p>Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.</p> </div> </div> </article> </div> <div class="o-col-6@md c-card__dividers c-card__dividers--hide@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a data-element-id="footer-reports-title" href="https://securelist.com/blindeagle-apt/113414/" class="c-card__link">BlindEagle flying high in Latin America</a></h3> </header> <div class="c-card__desc u-hidden u-block@md"> <p>Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.</p> </div> </div> </article> </div> <div class="o-col-6@md c-card__dividers c-card__dividers--hide@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a data-element-id="footer-reports-title" href="https://securelist.com/eastwind-apt-campaign/113345/" class="c-card__link">EastWind campaign: new CloudSorcerer attacks on government organizations in Russia</a></h3> </header> <div class="c-card__desc u-hidden u-block@md"> <p>Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools.</p> </div> </div> </article> </div> <div class="o-col-6@md c-card__dividers c-card__dividers--hide@md"> <article class="c-card c-card--standard@xs"> <div class="c-card__body"> <header class="c-card__header"> <h3 class="c-card__title"><a data-element-id="footer-reports-title" href="https://securelist.com/apt-trends-report-q2-2024/113275/" class="c-card__link">APT trends report Q2 2024</a></h3> </header> <div class="c-card__desc u-hidden u-block@md"> <p>The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity.</p> </div> </div> </article> </div> </div> </div> <div class="o-col-4@sm u-hidden u-block@sm"> <div class="c-image c-image--overflow-down@sm"> <a href="https://www.kaspersky.com/next?icid=gl_KNext_acq_ona_smm__onl_b2b_securelist_ban_sm-team___knext___"><img src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/12/10091839/NEXT_370x500_EN.jpg" /></a> </div> </div> </div> </div> </section> <section class="c-block c-block--spacing-t-small c-block--spacing-b-small@md" data-element-id="footer-subscribe-section"> <div class="o-container-fluid"> <div class="o-row c-block__row u-flex-nowrap@md"> <div class="o-col"> <div class="c-block__header"> <h5 class="c-block__title">Subscribe to our weekly e-mails</h5> <p>The hottest research right in your inbox</p> </div> </div> <div class="o-col u-flex-shrink-0 u-flex-grow"> <div class="c-form--newsletter u-ml-auto"> <div class='gf_browser_ie gf_browser_ie7 gform_wrapper gform_wrapper_original_id_11 gravity-theme subscribe-mc_wrapper' id='gform_wrapper_1876727687' ><div id='gf_1876727687' class='gform_anchor' tabindex='-1'></div><form method='post' enctype='multipart/form-data' target='gform_ajax_frame_1876727687' id='gform_1876727687' class='subscribe-mc' action='/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/#gf_1876727687' > <div class="gform-content-wrapper"><div class='gform_body gform-body'><div id='gform_fields_1876727687' class='gform_fields top_label form_sublabel_below description_below'><div id="field_11_1" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" ><label class='gfield_label screen-reader-text' for='input_1876727687_1' >Email<span class="gfield_required"><span class="gfield_required gfield_required_text">(Required)</span></span></label><div class='ginput_container ginput_container_email'> <input name='input_1' id='input_1876727687_1' type='text' value='' class='medium' placeholder='Email' aria-required="true" aria-invalid="false" /> </div></div><div id="field_11_3" class="gfield js-kaspersky-gform-recaptcha-placeholder gform_hidden field_sublabel_below field_description_below gfield_visibility_hidden" ><div class='ginput_container ginput_container_text'><input name='input_3' id='input_1876727687_3' type='hidden' class='gform_hidden' aria-invalid="false" value='' /></div></div><fieldset id="field_11_2" class="gfield input-without-label label-gdpr gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" ><legend class='gfield_label screen-reader-text gfield_label_before_complex' ><span class="gfield_required"><span class="gfield_required gfield_required_text">(Required)</span></span></legend><div class='ginput_container ginput_container_checkbox'><div class='gfield_checkbox' id='input_1876727687_2'><div class='gchoice gchoice_11_2_1'> <input class='gfield-choice-input' name='input_2.1' type='checkbox' value='I agree' id='choice_1876727687_11_2_1' /> <label for='choice_1876727687_11_2_1' id='label_1876727687_11_2_1'>I agree to provide my email address to “AO Kaspersky Lab” to receive information about new posts on the site. I understand that I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above.</label> </div></div></div></fieldset></div></div> <div class='gform_footer top_label'> <button class="gform_button button" type="submit" id='gform_submit_button_1876727687' value="Sign up"> <svg class="o-icon o-svg-icon o-svg-large u-hidden u-inline-block@sm"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-envelope"></use></svg> <span class="u-hidden u-inline@sm">Subscribe</span> <span class="u-hidden@sm"><svg class="o-icon o-svg-icon o-svg-right"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-arrow"></use></svg></span> </button> <input type='hidden' name='gform_ajax' value='form_id=11&amp;title=&amp;description=&amp;tabindex=0' /> <input type='hidden' class='gform_hidden' name='is_submit_11' value='1' /> <input type='hidden' class='gform_hidden' name='gform_submit' value='11' /> <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' /> <input type='hidden' class='gform_hidden' name='state_11' value='WyJbXSIsImIwODQwZTA2ZGQ0NzYwODcyOTBkZjNmZDM1NDk2Y2ZkIl0=' /> <input type='hidden' class='gform_hidden' name='gform_target_page_number_11' id='gform_target_page_number_1876727687_11' value='0' /> <input type='hidden' class='gform_hidden' name='gform_source_page_number_11' id='gform_source_page_number_1876727687_11' value='1' /> <input type='hidden' name='gform_random_id' value='1876727687' /><input type='hidden' name='gform_field_values' value='securelist_2020_form_location=' /> </div> </div><p style="display: none !important;" class="akismet-fields-container" data-prefix="ak_"><label>&#916;<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_3" name="ak_js" value="33"/><script>document.getElementById( "ak_js_3" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form> </div> <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_1876727687' id='gform_ajax_frame_1876727687' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'></iframe> <script type="text/javascript"> /* <![CDATA[ */ gform.initializeOnLoaded( function() {gformInitSpinner( 1876727687, 'https://securelist.com/wp-content/themes/securelist2020/assets/images/content/ajax-spinner-red.svg' );jQuery('#gform_ajax_frame_1876727687').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_1876727687');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_1876727687').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){jQuery('#gform_wrapper_1876727687').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_1876727687').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_1876727687').removeClass('gform_validation_error');}setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ jQuery(document).scrollTop(jQuery('#gform_wrapper_1876727687').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_1876727687_11').val();gformInitSpinner( 1876727687, 'https://securelist.com/wp-content/themes/securelist2020/assets/images/content/ajax-spinner-red.svg' );jQuery(document).trigger('gform_page_loaded', [1876727687, current_page]);window['gf_submitting_1876727687'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}setTimeout(function(){jQuery('#gform_wrapper_1876727687').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_1876727687').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [1876727687]);window['gf_submitting_1876727687'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_1876727687').text());}, 50);}else{jQuery('#gform_1876727687').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger('gform_post_render', [1876727687, current_page]);} );} ); /* ]]> */ </script> </div> </div> </div> <div class="u-hidden@sm u-mb-spacer-base-"> <div class="c-image c-image--overflow-down@sm"> <a href="https://www.kaspersky.com/next?icid=gl_KNext_acq_ona_smm__onl_b2b_securelist_ban_sm-team___knext___"><img src="https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2024/08/28092440/NEXT_banner_1080x1080-740x740.jpg" /></a> </div> </div> </div> </section> </div><!-- /.c-page --> <section class="c-block c-block--spacing-t-small c-block--spacing-t-large@md c-block--spacing-b c-page-footer c-block--bg-image c-color--invert" style="background-image: url(https://securelist.com/wp-content/themes/securelist2020/assets/images/content/bg-gradient-02.jpg);"> <div class="o-container-fluid"> <div data-element-id="footer-content-block" class="c-page-footer__content"> <div class="o-row o-row--reverse"> <div class="o-col-9@md"> <div class="c-page-menu"> <div class="o-row c-page-menu__dividers"> <div class="o-col-4@md"><div class="c-accordion js-accordion c-accordion--reset@md"><p class="menu-item-threats section-title accordion menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-226 c-page-menu__title u-hidden u-block@md"><a href="https://securelist.com/threat-categories/" data-element-id="footer-content-link">Threats</a></p><div class="c-accordion-toggle js-accordion-toggle"><p>Threats</p></div><div class="c-accordion-container js-accordion-container"> <ul class="sub-menu"> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category current-post-ancestor current-menu-parent current-post-parent menu-item-99839"><a href="https://securelist.com/threat-category/apt-targeted-attacks/" data-element-id="footer-content-link">APT (Targeted attacks)</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-89457"><a href="https://securelist.com/threat-category/secure-environment/" data-element-id="footer-content-link">Secure environment (IoT)</a></li> <li class="topic-item vulnerabilities menu-item menu-item-type-custom menu-item-object-custom menu-item-63231"><a href="https://securelist.com/threat-category/mobile-threats/" data-element-id="footer-content-link">Mobile threats</a></li> <li class="topic-item detected menu-item menu-item-type-custom menu-item-object-custom menu-item-63229"><a href="https://securelist.com/threat-category/financial-threats/" data-element-id="footer-content-link">Financial threats</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-89458"><a href="https://securelist.com/threat-category/spam-and-phishing/" data-element-id="footer-content-link">Spam and phishing</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category current-post-ancestor current-menu-parent current-post-parent menu-item-99840"><a href="https://securelist.com/threat-category/industrial-threats/" data-element-id="footer-content-link">Industrial threats</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-threat-category menu-item-89465"><a href="https://securelist.com/threat-category/web-threats/" data-element-id="footer-content-link">Web threats</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-89459"><a href="https://securelist.com/threat-category/vulnerabilities-and-exploits/" data-element-id="footer-content-link">Vulnerabilities and exploits</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-113855"><a href="https://securelist.com/threat-categories/" data-element-id="footer-content-link">All threats</a></li> </ul> </li> </li></ul></div></div></div><div class="o-col-4@md"><div class="c-accordion js-accordion c-accordion--reset@md"><p class="menu-item-categories section-title accordion menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-230 c-page-menu__title u-hidden u-block@md"><a href="https://securelist.com/categories/" data-element-id="footer-content-link">Categories</a></p><div class="c-accordion-toggle js-accordion-toggle"><p>Categories</p></div><div class="c-accordion-container js-accordion-container"> <ul class="sub-menu"> <li class="menu-item menu-item-type-taxonomy menu-item-object-category current-post-ancestor current-menu-parent current-post-parent menu-item-84158"><a href="https://securelist.com/category/apt-reports/" data-element-id="footer-content-link">APT reports</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-99841"><a href="https://securelist.com/category/malware-descriptions/" data-element-id="footer-content-link">Malware descriptions</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84160"><a href="https://securelist.com/category/kaspersky-security-bulletin/" data-element-id="footer-content-link">Security Bulletin</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84161"><a href="https://securelist.com/category/malware-reports/" data-element-id="footer-content-link">Malware reports</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-89460"><a href="https://securelist.com/category/spam-and-phishing-reports/" data-element-id="footer-content-link">Spam and phishing reports</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-99842"><a href="https://securelist.com/category/security-technologies/" data-element-id="footer-content-link">Security technologies</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84165"><a href="https://securelist.com/category/research/" data-element-id="footer-content-link">Research</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-84164"><a href="https://securelist.com/category/publications/" data-element-id="footer-content-link">Publications</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-113876"><a href="https://securelist.com/categories/" data-element-id="footer-content-link">All categories</a></li> </ul> </li> </li></ul></div></div></div><div class="o-col-4@md"><p class="menu-item-tags section-title after-accordion menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-277 c-page-menu__title u-hidden u-block@md"><a data-element-id="footer-content-link">Other sections</a></p> <ul class="sub-menu"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-100526"><a href="https://securelist.com/all/" data-element-id="footer-content-link">Archive</a></li> <li class="show-all-tags menu-item menu-item-type-post_type menu-item-object-page menu-item-57837"><a href="https://securelist.com/tags/" data-element-id="footer-content-link">All tags</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-101956"><a href="https://securelist.com/webinars/" data-element-id="footer-content-link">Webinars</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-101126"><a target="_blank" rel="noopener noreferrer" href="https://apt.securelist.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="footer-content-link">APT Logbook</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-241"><a target="_blank" rel="noopener noreferrer" href="https://statistics.securelist.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="footer-content-link">Statistics</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-86643"><a target="_blank" rel="noopener noreferrer" href="https://encyclopedia.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="footer-content-link">Encyclopedia</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-58141"><a target="_blank" rel="noopener noreferrer" href="https://threats.kaspersky.com/?icid=gl_seclistheader_acq_ona_smm__onl_b2b_securelist_main-menu_sm-team_______001391deb99c290f" data-element-id="footer-content-link">Threats descriptions</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-111312"><a href="https://securelist.com/ksb-2023/" data-element-id="footer-content-link">KSB 2023</a></li> </ul> </li> </div> </div> </div> </div> <div class="o-col-3@md"> <div class="c-site-logo c-site-logo--kaspersky"></div> </div> </div> </div> <div data-element-id="footer-menu-block" class="c-page-footer__wrapper"> <div class="c-page-footer__info"> <p>© 2024 AO Kaspersky Lab. All Rights Reserved.<br /> Registered trademarks and service marks are the property of their respective owners.</p> </div> <div class="c-page-footer__links"> <ul> <li><a data-element-id="footer-menu-link" href="https://www.kaspersky.com/web-privacy-policy?icid=gl_seclistfooter_acq_ona_smm__onl_b2b_securelist_footer_sm-team_______11d7a8212d94123d">Privacy Policy</a></li> <li><a data-element-id="footer-menu-link" href="https://www.kaspersky.com/end-user-license-agreement?icid=gl_seclistfooter_acq_ona_smm__onl_b2b_securelist_footer_sm-team_______11d7a8212d94123d">License Agreement</a></li> <li><a data-element-id="footer-menu-link" href="javascript: void(0);" onclick="javascript: Cookiebot.renew()">Cookies</a></li> </ul> </div> </div> </div> </section> <div id="modal-newsletter" class="c-modal__wrapper c-modal__wrapper--sm mfp-hide"> <div class="c-modal"> <a href="#" class="c-modal-close js-modal-close"></a> <div class="c-modal__main"> <div class="c-block c-block--spacing-t-small c-block--spacing-b-small"> <div class="o-container-fluid"> <div class="c-block__header"> <h5 class="c-title--small">Subscribe to our weekly e-mails</h5> <p>The hottest research right in your inbox</p> </div> <div class="c-form--float-labels js-float-labels"> <div class='gf_browser_ie gf_browser_ie7 gform_wrapper gform_wrapper_original_id_11 gravity-theme subscribe-mc_wrapper' id='gform_wrapper_3779557847' ><div id='gf_3779557847' class='gform_anchor' tabindex='-1'></div><form method='post' enctype='multipart/form-data' target='gform_ajax_frame_3779557847' id='gform_3779557847' class='subscribe-mc' action='/updated-mata-attacks-industrial-companies-in-eastern-europe/110829/#gf_3779557847' > <div class="gform-content-wrapper"><div class='gform_body gform-body'><div id='gform_fields_3779557847' class='gform_fields top_label form_sublabel_below description_below'><div id="field_11_1" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" ><label class='gfield_label screen-reader-text' for='input_3779557847_1' >Email<span class="gfield_required"><span class="gfield_required gfield_required_text">(Required)</span></span></label><div class='ginput_container ginput_container_email'> <input name='input_1' id='input_3779557847_1' type='text' value='' class='medium' placeholder='Email' aria-required="true" aria-invalid="false" /> </div></div><div id="field_11_3" class="gfield js-kaspersky-gform-recaptcha-placeholder gform_hidden field_sublabel_below field_description_below gfield_visibility_hidden" ><div class='ginput_container ginput_container_text'><input name='input_3' id='input_3779557847_3' type='hidden' class='gform_hidden' aria-invalid="false" value='' /></div></div><fieldset id="field_11_2" class="gfield input-without-label label-gdpr gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" ><legend class='gfield_label screen-reader-text gfield_label_before_complex' ><span class="gfield_required"><span class="gfield_required gfield_required_text">(Required)</span></span></legend><div class='ginput_container ginput_container_checkbox'><div class='gfield_checkbox' id='input_3779557847_2'><div class='gchoice gchoice_11_2_1'> <input class='gfield-choice-input' name='input_2.1' type='checkbox' value='I agree' id='choice_3779557847_11_2_1' /> <label for='choice_3779557847_11_2_1' id='label_3779557847_11_2_1'>I agree to provide my email address to “AO Kaspersky Lab” to receive information about new posts on the site. I understand that I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above.</label> </div></div></div></fieldset></div></div> <div class='gform_footer top_label'> <button type="submit" class="gform_button button" id='gform_submit_button_3779557847' value="Sign up"> <svg class="o-icon o-svg-icon o-svg-large"><use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg#icon-envelope"></use></svg> <span>Subscribe</span> </button> <input type='hidden' name='gform_ajax' value='form_id=11&amp;title=&amp;description=&amp;tabindex=0' /> <input type='hidden' class='gform_hidden' name='is_submit_11' value='1' /> <input type='hidden' class='gform_hidden' name='gform_submit' value='11' /> <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' /> <input type='hidden' class='gform_hidden' name='state_11' value='WyJbXSIsImIwODQwZTA2ZGQ0NzYwODcyOTBkZjNmZDM1NDk2Y2ZkIl0=' /> <input type='hidden' class='gform_hidden' name='gform_target_page_number_11' id='gform_target_page_number_3779557847_11' value='0' /> <input type='hidden' class='gform_hidden' name='gform_source_page_number_11' id='gform_source_page_number_3779557847_11' value='1' /> <input type='hidden' name='gform_random_id' value='3779557847' /><input type='hidden' name='gform_field_values' value='securelist_2020_form_location=sidebar' /> </div> </div><p style="display: none !important;" class="akismet-fields-container" data-prefix="ak_"><label>&#916;<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_4" name="ak_js" value="166"/><script>document.getElementById( "ak_js_4" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form> </div> <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_3779557847' id='gform_ajax_frame_3779557847' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'></iframe> <script type="text/javascript"> /* <![CDATA[ */ gform.initializeOnLoaded( function() {gformInitSpinner( 3779557847, 'https://securelist.com/wp-content/themes/securelist2020/assets/images/content/ajax-spinner-red.svg' );jQuery('#gform_ajax_frame_3779557847').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_3779557847');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_3779557847').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){jQuery('#gform_wrapper_3779557847').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_3779557847').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_3779557847').removeClass('gform_validation_error');}setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ jQuery(document).scrollTop(jQuery('#gform_wrapper_3779557847').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_3779557847_11').val();gformInitSpinner( 3779557847, 'https://securelist.com/wp-content/themes/securelist2020/assets/images/content/ajax-spinner-red.svg' );jQuery(document).trigger('gform_page_loaded', [3779557847, current_page]);window['gf_submitting_3779557847'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}setTimeout(function(){jQuery('#gform_wrapper_3779557847').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_3779557847').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [3779557847]);window['gf_submitting_3779557847'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_3779557847').text());}, 50);}else{jQuery('#gform_3779557847').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger('gform_post_render', [3779557847, current_page]);} );} ); /* ]]> */ </script> </div> </div> </div> </div><!-- /.c-modal__main --> </div><!-- /.c-modal --> </div><!-- /.c-modal__wrapper --> <script type="text/javascript"> if ( typeof _recaptcha_wordpress_savedcomment != 'undefined') { document.getElementById('comment').value = _recaptcha_wordpress_savedcomment; } </script><script type="text/javascript" src="https://kasperskycontenthub.com/securelist/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0" id="kspr_embeds-js"></script> <script type="text/javascript" src="https://www.google.com/recaptcha/api.js?render=explicit&amp;ver=202124050927" id="kaspersky-dynamic-gravity-forms-google-recaptcha-js"></script> <script type="text/javascript" id="kaspersky-omniture-js-extra"> /* <![CDATA[ */ var kaspersky = {"pageName":"Kaspersky Securelist","pageType":"blog","platformName":"Micro Site","businessType":"b2c","siteLocale":"en-GLOBAL"}; /* ]]> */ </script> <script type="text/javascript" src="//media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=6.5.5" id="kaspersky-omniture-js"></script> <script type="text/javascript" id="crayon_js-js-extra"> /* <![CDATA[ */ var CrayonSyntaxSettings = {"version":"_2.7.2_beta","is_admin":"0","ajaxurl":"https:\/\/securelist.com\/wp-admin\/admin-ajax.php","prefix":"crayon-","setting":"crayon-setting","selected":"crayon-setting-selected","changed":"crayon-setting-changed","special":"crayon-setting-special","orig_value":"data-orig-value","debug":""}; var CrayonSyntaxStrings = {"copy":"Press %s to Copy, %s to Paste","minimize":"Click To Expand Code"}; /* ]]> */ </script> <script type="text/javascript" id="kaspersky-dynamic-gravity-forms-main-js-extra"> /* <![CDATA[ */ var kasperskyDynamicaReCaptchaData = {"ajaxUrl":"https:\/\/securelist.com\/wp-admin\/admin-ajax.php"}; /* ]]> */ </script> <script type="text/javascript" id="wp-autosearch-script-js-extra"> /* <![CDATA[ */ var wp_autosearch_config = {"autocomplete_taxonomies":{"0":"category"},"split_results_by_type":"true","search_title":"true","search_content":"false","search_terms":"false","search_exactonly":"true","order_by":"title","order":"DESC","search_comments":"false","search_tags":"false","no_of_results":"5","description_limit":"100","title_limit":"50","excluded_ids":{},"excluded_cats":{"0":0},"full_search_url":"https:\/\/kasperskycontenthub.com\/securelist\/?s=%q%","min_chars":"3","ajax_delay":"200","cache_length":"200","autocomplete_sortorder":"posts","thumb_image_display":"false","thumb_image_width":"50","thumb_image_height":"50","get_first_image":"true","force_resize_first_image":"true","thumb_image_crop":"true","default_image":"https:\/\/kasperskycontenthub.com\/securelist\/wp-content\/plugins\/wp-autosearch\/assert\/image\/default.png","search_image":"","display_more_bar":"false","display_result_title":"false","enable_token":"true","custom_css":"","custom_js":"","try_full_search_text":"Search more...","no_results_try_full_search_text":"No Results!","show_author":"false","show_date":"false","description_result":"false","color":{"results_even_bar":"E8E8E8","results_odd_bar":"FFFFFF","results_even_text":"000000","results_odd_text":"000000","results_hover_bar":"5CCCB2","results_hover_text":"FFFFFF","seperator_bar":"2D8DA0","seperator_hover_bar":"6A81A0","seperator_text":"FFFFFF","seperator_hover_text":"FFFFFF","more_bar":"5286A0","more_hover_bar":"4682A0","more_text":"FFFFFF","more_hover_text":"FFFFFF","box_border":"57C297","box_background":"FFFFFF","box_text":"000000"},"title":{"page":"Pages","post":"Posts","webinars":"Webinars"},"post_types":{"0":"page","1":"post","2":"webinars"},"nonce":"92725ed6a8","ajax_url":"https:\/\/securelist.com\/wp-admin\/admin-ajax.php"}; /* ]]> */ </script> <script type="text/javascript" id="securelist-script-js-extra"> /* <![CDATA[ */ var securelist2020Data = {"ajaxUrl":"https:\/\/securelist.com\/wp-admin\/admin-ajax.php","loading":"Loading...","marketoBaseURL":"","marketoVirtualForm":"27241","munchkinID":"802-IJN-240","reCaptcha_key":"6Lf2eUQUAAAAAC-GQSZ6R2pjePmmD6oA6F_3AV7j"}; /* ]]> */ </script> <script type='text/javascript' src='//assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js,wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/plugins/kaspersky-lazy-load/assets/js/main.js,wp-content/plugins/kaspersky-wp-autosearch/assert/js/migrate.js,wp-content/plugins/kaspersky-wp-autosearch/assert/js/autocomplete.js,wp-content/plugins/kaspersky-wp-autosearch/assert/js/ajax-script.js,wp-content/plugins/wds-no-login-autocomplete/js/script.js,wp-content/themes/securelist2020/assets/js/main.js,wp-includes/js/comment-reply.min.js,wp-content/plugins/akismet/_inc/akismet-frontend.js'></script> <script type='text/javascript' src='//assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/dist/vendor/wp-polyfill-inert.min.js,wp-includes/js/dist/vendor/regenerator-runtime.min.js,wp-includes/js/dist/vendor/wp-polyfill.min.js,wp-includes/js/dist/dom-ready.min.js,wp-includes/js/dist/hooks.min.js,wp-includes/js/dist/i18n.min.js,wp-includes/js/dist/a11y.min.js'></script> <script type="text/javascript" defer='defer' src="https://securelist.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.16.3" id="gform_json-js"></script> <script type="text/javascript" id="gform_gravityforms-js-extra"> /* <![CDATA[ */ var gform_i18n = {"datepicker":{"days":{"monday":"Mon","tuesday":"Tue","wednesday":"Wed","thursday":"Thu","friday":"Fri","saturday":"Sat","sunday":"Sun"},"months":{"january":"January","february":"February","march":"March","april":"April","may":"May","june":"June","july":"July","august":"August","september":"September","october":"October","november":"November","december":"December"},"firstDay":1,"iconText":"Select date"}}; var gf_global = {"gf_currency_config":{"name":"U.S. Dollar","symbol_left":"$","symbol_right":"","symbol_padding":"","thousand_separator":",","decimal_separator":".","decimals":2,"code":"USD"},"base_url":"https:\/\/securelist.com\/wp-content\/plugins\/gravityforms","number_formats":[],"spinnerUrl":"https:\/\/securelist.com\/wp-content\/plugins\/gravityforms\/images\/spinner.svg","strings":{"newRowAdded":"New row added.","rowRemoved":"Row removed","formSaved":"The form has been saved. The content contains the link to return and complete the form."}}; var gf_legacy_multi = {"11":""}; var gf_global = {"gf_currency_config":{"name":"U.S. Dollar","symbol_left":"$","symbol_right":"","symbol_padding":"","thousand_separator":",","decimal_separator":".","decimals":2,"code":"USD"},"base_url":"https:\/\/securelist.com\/wp-content\/plugins\/gravityforms","number_formats":[],"spinnerUrl":"https:\/\/securelist.com\/wp-content\/plugins\/gravityforms\/images\/spinner.svg","strings":{"newRowAdded":"New row added.","rowRemoved":"Row removed","formSaved":"The form has been saved. The content contains the link to return and complete the form."}}; var gf_legacy_multi = {"11":""}; var gf_global = {"gf_currency_config":{"name":"U.S. Dollar","symbol_left":"$","symbol_right":"","symbol_padding":"","thousand_separator":",","decimal_separator":".","decimals":2,"code":"USD"},"base_url":"https:\/\/securelist.com\/wp-content\/plugins\/gravityforms","number_formats":[],"spinnerUrl":"https:\/\/securelist.com\/wp-content\/plugins\/gravityforms\/images\/spinner.svg","strings":{"newRowAdded":"New row added.","rowRemoved":"Row removed","formSaved":"The form has been saved. The content contains the link to return and complete the form."}}; var gf_legacy_multi = {"11":""}; /* ]]> */ </script> <script type="text/javascript" defer='defer' src="https://securelist.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.16.3" id="gform_gravityforms-js"></script> <script type="text/javascript" defer='defer' src="https://securelist.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.16.3" id="gform_placeholder-js"></script> <script type="text/javascript"> /* <![CDATA[ */ gform.initializeOnLoaded( function() { jQuery(document).on('gform_post_render', function(event, formId, currentPage){if(formId == 11) {if(typeof Placeholders != 'undefined'){ Placeholders.enable(); }} } );jQuery(document).bind('gform_post_conditional_logic', function(event, formId, fields, isInit){} ) } ); /* ]]> */ </script> <script type="text/javascript"> /* <![CDATA[ */ gform.initializeOnLoaded( function() { jQuery(document).trigger('gform_post_render', [11, 1]) } ); /* ]]> */ </script> </body> </html>