Tag: Gamaredon

APT

January 2026 APT Group Trends Report

Key APT Groups Sandworm attempted to destroy OT and IT equipment using DynoWiper after exploiting a vulnerable configuration of FortiGate, targeting at least 30 energy facilities, including wind and solar power plants in Poland, by the end of December 2025. They directly damaged RTUs, IEDs, and serial devices

Feb 13 2026

APT

December 2025 APT Group Trends

Key APT Group Trends by Region 1) North Korea North Korean state‑sponsored threat groups have increasingly relied on fake IT employment schemes, actively exploiting legitimate hiring platforms and fabricated identities to infiltrate corporate environments. These actors frequently take advantage of remote‑work infrastructures to obtain elevated access and

Jan 19 2026

APT

August 2025 Threat Trend Report on APT Groups

Purpose and Scope This report covers nation-led threat groups, presumed to conduct cyber espionage or sabotage supported by certain governments. These groups are referred to as advanced persistent threat (APT) groups for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial

Sep 11 2025

APT

July 2025 Major APT Group Trends

Aug 22 2025

APT

April 2025 APT Group Trends

Trends of major APT groups by country 1) North Korea Since November 2024, the North Korean APT group has been exploiting the vulnerability of South Korean Internet financial security software. Similar attacks have been carried out in the past, and the threat actors have been launching attacks

May 16 2025

APT Trend

Threat Trend Report on APT Groups – February 2024 Major Issues on APT Groups

The cases of major APT groups for February 2024 gathered from materials made public by security companies and institutions are as follows. 1) APT28 In January 2024, the United States government said it had shut down a botnet from the APT28 group suspected to be operated by the Main

Mar 07 2024