
Alexandra Hose

APT Group has energy facilities in its sights

According to recent analyses by Kaspersky, the notorious advanced persistent threat (APT) group SideWinder has adapted its attack strategies and expanded its geographical targets. SideWinder is now also targeting nuclear power plants and energy facilities.


The affected organisations are located mainly in Africa and Southeast Asia, but also in parts of Europe, including Austria. Until now SideWinder has focused chiefly on government, military and diplomatic institutions. The group's attacks are now also aimed at maritime infrastructure and logistics companies across Southeast Asia, as well as at the nuclear sector. Kaspersky's experts have recently observed an increase in attacks on nuclear and power-generation facilities that use spear-phishing emails and malicious documents written in industry-specific terminology, with regulatory and plant-specific topics serving as the lure.

For the current attacks SideWinder exploits an older Microsoft Office vulnerability (CVE-2017-11882), yet it can quickly adjust its toolset to evade detection. Once a recipient opens one of the malicious documents, an attack chain is triggered that gives the attackers access to operational data, research projects and personnel data from nuclear power plants.

"We see not only a geographic expansion, but also a strategic evolution of SideWinder's capabilities and ambitions," explains Vasily Berdnikov, Lead Security Researcher in the Global Research & Analysis Team (GReAT) at Kaspersky. "The group can deploy updated malware variants after detection with remarkable speed, changing the threat landscape tremendously. Instead of a reactive response, it requires a near real-time response."
