Threat actor 160.119.76.24 conducted comprehensive reconnaissance against industrial control systems and enterprise services on April 24, 2026, targeting multiple ICS/SCADA protocols including Modbus, S7comm, DNP3, and EtherNet/IP alongside traditional IT services. Despite the broad protocol coverag…
IP address 65.49.1.152 conducted sustained reconnaissance activities from March 15 to April 17, 2026, targeting multiple protocols including FortiGate infrastructure, Oracle databases, IoT devices, and Kubernetes clusters across 59 observed events. Assessment indicates LOW threat level with medium c…
External IP 109.105.209.32 conducted sustained reconnaissance against industrial control systems over a 25-day period from March 14-April 8, 2026, targeting MODBUS protocols and other ICS infrastructure. This represents a MEDIUM threat with 85% confidence, indicating potential preparation for operat…