APT and financial attacks on industrial organizations in Q2 2024
2024-10-03 • Kaspersky
Kaspersky ICS CERT's Q2 2024 industrial-threat roundup describes several North Korea-linked operations against South Korean and industrial targets. AhnLab reported Andariel attacks on education, manufacturing, and construction organizations using a keylogger, infostealer, proxy tools, Nestdoor, and the newer Dora RAT with reverse-shell and file-transfer functions. ESET and AhnLab also tied Kimsuky malware delivery to compromised WIZVERA VeraPort servers at a South Korean construction-related entity, with AhnLab estimating more than 3,000 affected machines. The roundup also covers Kimsuky AppleSeed Go malware families such as AlphaSeed, TrollAgent, Endoor, and Nikidoor, a BlackBerry-reported spear-phishing case against a Western European weapons manufacturer, and SmallTiger/DurianBeacon activity overlapping Andariel tradecraft.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | yutube.com.de | 2024-10-03 | 2024-10-03 |
| DOMAIN | advanced-ip-sccanner.com | 2024-10-03 | 2024-10-03 |