In recent years, IT concepts and components have made their way into the shop floor, today better known as Operational Technology (OT). The increasing interconnection and convergence of IT and OT have exposed industrial infrastructures to cyber attacks. In addition, they have become vulnerable to Advanced Persistent Threats (APTs). This article examines real-world incidents, looking at the complex landscape of threat groups targeting OT environments and the Tactic, Technique, and Procedures (TTPs) employed by these threat groups. Consequently, it highlights the need for heightened vigilance in protecting OT environments, which can be done by leveraging a variety of open-source threat intelligence platforms and databases, including ThaiCERT, Malpedia, MITRE ATT&CK, and ICS-CERT. We aim to furnish stakeholders, including Chief Information Security Officers (CISOs), with insights into emerging threat groups, attack victims and their locations, the origins of attacks, the tools and types of tools used, and the motivations behind these attacks. This understanding is crucial for enhancing defensive strategies and safeguarding OT environments against evolving cyber threats.