The Containment Era is here. →Explore

aviatrix logoAviatrix
Under Active Attack
Industry Category

International Trade/Development

Breach intelligence, attack campaigns, and threat reports targeting the International Trade/Development sector.

3 threat reports
Page 1 of 1

Explore Other Sectors

Accounting
Aerospace/Aviation
Agriculture
Airlines/Aviation
Animation
Apparel/Fashion
Architecture/Planning
Artificial Intelligence
Artificial Intelligence/Machine Learning
Arts/Crafts
Automotive
Aviation/Aerospace
Banking/Mortgage
Biotechnology/Greentech
Blockchain/Cryptocurrency
Broadcast Media
Broadcasting Media
Broadcasting/Media
Building Materials
Business Supplies/Equipment
Capital Markets/Hedge Fund/Private Equity
Chemical
Chemicals
Civic/Social Organization
Civil Engineering
Cloud Computing
Cloud Computing/SaaS
Cloud Services
Commercial Facilities
Commercial Real Estate
Computer Games
Computer Hardware
Computer Networking
Computer Software/Engineering
Computer/Network Security
Construction
Consulting
Consumer Electronics
Consumer Goods
Consumer Services
Cosmetics
Cosmetics
Critical Manufacturing
Cryptocurrencies
Customer Services
Cybersecurity
Dairy
Dating/Personal Services
Defense/Space
Design
E-Learning
Education Management
Electrical/Electronic Manufacturing
Emergency Services
Energy
Energy/Oil/Solar/Greentech
Entertainment/Movie Production
Environmental Services
Events Services
Facilities Services
Farming
Fashion/Apparel
Financial Services
Fine Art
Fishery
Food Production
Food/Beverages
Fortune 500 companies
Franchising
Fundraising
Gambling/Casinos
Gaming
Gaming/Casinos
Government Administration
Government Facilities
Government Relations
Graphic Design/Web Design
Health Care / Life Sciences
Higher Education/Acadamia
Hospitality
Human Resources/HR
Import/Export
Individual/Family Services
Industrial Automation
Information Services
Information Technology/IT
Insurance
International Affairs
International Trade/Development
Internet
Investment Banking/Venture
Investment Management/Hedge Fund/Private Equity
Judiciary
Law Enforcement
Law Practice/Law Firms
Legal Services
Legislative Office
Leisure/Travel
Logistics/Procurement
Luxury Goods/Jewelry
Machinery
Management Consulting
Manufacturing
Maritime
Marketing/Advertising/Sales
Mechanical or Industrial Engineering
Media Production
Medical Equipment
Medical Practice
Military Industry
Mining/Metals
Mobile
Museums/Institutions
Music
Newspapers/Journalism
Non-Profit/Volunteering
Oil/Energy/Solar/Greentech
Online Publishing
Outsourcing/Offshoring
Package/Freight Delivery
Parking
Pharmaceuticals
Philanthropy
Photography
Plastics
Political Organization
Primary/Secondary Education
Professional Training
Public Relations/PR
Public Safety
Publishing Industry
Railroad Manufacture
Real Estate/Mortgage
Recreational Facilities/Services
Religious Institutions
Renewables/Environment
Research Industry
Restaurants
Retail Industry
Robotics
Rural Healthcare
Security/Investigations
Semiconductors
Sporting Goods
Sports
Staffing/Recruiting
Supermarkets
Technology
Technology/IT
Telecommunications
Think Tanks
Toys and Games
Transportation
Travel/Tourism
Trucking/Freight
Utilities
Venture Capital/VC
Warehousing
Water and Wastewater
Water and Wastewater Systems
Water and Wastewater Treatment
Water, Waste, Steam, and Air Conditioning Services
Water/Wastewater Management
Water/Wastewater/Utilities
Wholesale
Wireless

International Trade/Development Threat Reports

Showing 13 / 3 reports
AkzoNobel's 2026 Encounter with Anubis Ransomware: A Case Study
Impact· HIGH
Chemicals

AkzoNobel's 2026 Encounter with Anubis Ransomware: A Case Study

In early March 2026, AkzoNobel, a leading multinational paint and coatings company, experienced a cyberattack at one of its U.S. sites. The Anubis ransomware group claimed responsibility, asserting they had exfiltrated 170GB of sensitive data, including confidential client agreements, personal employee information, and internal technical documents. AkzoNobel confirmed the breach, stating it was contained to the specific site and that the impact was limited. The company is collaborating with relevant authorities and has initiated notifications to affected parties. This incident underscores the evolving tactics of ransomware groups like Anubis, which have expanded their operations to include data exfiltration and destruction, increasing pressure on victims. Organizations must remain vigilant, as such attacks highlight the critical need for robust cybersecurity measures and incident response plans to mitigate potential damages.

3 months ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(medium)
LM
Lateral Movement(medium)
C&C
Command & Control(medium)
E
Exfiltration(high)
I
Impact(high)
Read Report
WIRTE’s 2025 Espionage Campaign: Middle East Governments Breached via AshenLoader and AshTag
Impact· medium
Government Administration

WIRTE’s 2025 Espionage Campaign: Middle East Governments Breached via AshenLoader and AshTag

In late 2025, the advanced persistent threat group WIRTE, linked to Gaza Cyber Gang, launched a far-reaching espionage campaign against government and diplomatic entities across the Middle East using a new malware suite known as AshTag. Attackers used phishing emails with geopolitical lures to entice targets into downloading malicious archives, resulting in the sideloading of AshenLoader and the deployment of AshTag. This modular .NET backdoor enabled remote command execution, persistence, and document exfiltration, specifically targeting sensitive diplomatic materials. Notably, attacks persisted throughout the Israel-Hamas conflict and continued after the Gaza ceasefire, highlighting the threat actors' sustained operational tempo. This campaign is a potent reminder of the increasing sophistication of state-linked espionage operations, including the adoption of advanced malware delivery and in-memory execution tactics designed to evade detection. With attackers broadening their target geography and refining their methods, regional governments and strategic organizations must urgently review and upgrade their defenses.

5 months ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(medium)
LM
Lateral Movement(medium)
C&C
Command & Control(high)
E
Exfiltration(high)
I
Impact(medium)
Read Report
Iran MOIS Targets Diplomatic Missions Worldwide in Sophisticated Phishing Campaign (2024)
Impact· medium
Government Administration

Iran MOIS Targets Diplomatic Missions Worldwide in Sophisticated Phishing Campaign (2024)

Between August and September 2024, the Iranian state-affiliated APT group 'Homeland Justice,' linked to Iran’s Ministry of Intelligence (MOIS), orchestrated a sophisticated phishing campaign targeting over 50 embassies, government ministries, and international organizations across six continents. Attackers leveraged more than 100 hijacked, legitimate email accounts, using them to distribute infostealing malware concealed in macro-laden Word documents, often themed around timely geopolitical topics. These emails were sent via VPNs to obfuscate their true origin and bypassed basic email filtering due to the use of authentic sender addresses. This incident highlights the sustained threat posed by nation-state actors employing classic social engineering methods with modern evasion techniques. The resurgence of macro-enabled attacks and increasing abuse of compromised trusted accounts point to evolving risk vectors for governmental and international bodies, underscoring the need for continuous vigilance and upgraded detection capabilities.

5 months ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(medium)
LM
Lateral Movement(low)
C&C
Command & Control(high)
E
Exfiltration(medium)
I
Impact(medium)
Read Report
[ INCIDENT RESPONSE // UNDER ATTACK? ]

Stop Active Cloud Data Exfiltration

Aviatrix Breach Lock helps teams instantly identify what data is leaving the environment, from which workload, and where it’s going — during an active breach.

Under Attack

Looking for threats in a different sector?

Browse All Threat Reports