Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-05-06MandiantMandiant
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
BlackCat DragonForce RansomHub
2025-05-06MandiantMandiant
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
BlackCat DragonForce RansomHub
2025-04-24MandiantMandiant
M-Trends 2025 Report
Akira Black Basta LockBit SystemBC GootLoader LockBit WIREFIRE Akira Black Basta Cobalt Strike LockBit RansomHub SystemBC Pink Sandstorm
2025-04-03MandiantJacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-03-12MandiantFrank Tse, Jakub Jozwiak, Logeswaran Nadarajan, Lukasz Lamparski, Mathew Potaczek, Mustafa Nasser, Nick Harbour, Punsaen Boonyakarn, Shawn Chew
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
tsh
2024-10-24MandiantFoti Castelan, Gabby Roncone, Jared Wilson, JP Glab, Max Thauer, Tufail Ahmed
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
UNC5820
2024-10-24MandiantFoti Castelan, Gabby Roncone, Jared Wilson, JP Glab, Mandiant, Max Thauer, Tufail Ahmed
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
2024-09-19MandiantMark Lechtik, Matan Mimran, Sarah Bock, Stav Shulman
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
OATBOAT
2024-09-19MandiantMark Lechtik, Matan Mimran, Sarah Bock, Stav Shulman
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
CRYPTOSLAY PipeSnoop TEMPLEDOOR UNC1860
2024-09-17MandiantMandiant
An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader
MISTPEN
2024-08-22MandiantAaron Lee, Praveeth DSouza
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
CryptBot Emmenhtal HijackLoader Lumma Stealer
2024-07-29MandiantAshley Pearson, Jake Nicastro, Joseph Pisano, Josh Murchie, Joshua Shilko, Raymond Leong
UNC4393 Goes Gently into the SILENTNIGHT
Black Basta QakBot sRDI SystemBC Zloader UNC3973 UNC4393
2024-07-18MandiantMike Stokkel
APT41 Has Arisen From the DUST
DUSTTRAP PINEGROVE
2024-07-18MandiantJared Wilson, Jonathan Lepore, Luis Rocha, Mike Stokkel, Pierre Gerlings, RENATO FONTANA, Stephen Eckels
APT41 Has Arisen From the DUST
Cobalt Strike
2024-06-18MandiantMandiant
Cloaked and Covert: Uncovering UNC3886 Espionage Operations
2024-06-12GoogleGoogle Threat Analysis Group, Mandiant
Insights on Cyber Threats Targeting Users and Enterprises in Brazil
TraderTraitor
2024-06-10MandiantMandiant
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
Lumma Stealer MetaStealer Raccoon RedLine Stealer RisePro Vidar UNC5537
2024-06-05MandiantJamie Collier, Michelle Cantos
Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics
Callisto
2024-05-22MandiantMichael Raggi
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders
2024-05-08MandiantMandiant
M-Trends 2024 Special Report: Chinese Espionage Operations Targeting The Visibility Gap
BOLDMOVE WHIRLPOOL