Click here to download all references as Bib-File.
2022-01-20 ⋅ Mandiant ⋅ Anticipating Cyber Threats as the Ukraine Crisis Escalates |
2022-01-19 ⋅ Mandiant ⋅ One Source to Rule Them All: Chasing AVADDON Ransomware BlackMatter Avaddon BlackMatter MedusaLocker SystemBC ThunderX |
2022-01-14 ⋅ Mandiant ⋅ Proactive Preparation and Hardening to Protect Against Destructive Attacks |
2021-12-15 ⋅ Mandiant ⋅ Log4Shell Initial Exploitation and Mitigation Recommendations |
2021-12-15 ⋅ Mandiant ⋅ No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages (UNC3379) DanaBot |
2021-12-14 ⋅ Mandiant ⋅ Azure Run Command for Dummies |
2021-12-13 ⋅ Mandiant ⋅ Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits |
2021-12-07 ⋅ Mandiant ⋅ FIN13: A Cybercriminal Threat Actor Focused on Mexico jspRAT win.rekoobe FIN13 |
2021-12-06 ⋅ Mandiant ⋅ Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452) Cobalt Strike CryptBot |
2021-11-29 ⋅ Mandiant ⋅ Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again Cobalt Strike |
2021-11-18 ⋅ Mandiant ⋅ Introducing Mandiant's Digital Forensics and Incident Response Framework for Embedded OT Systems |
2021-11-17 ⋅ Mandiant ⋅ ProxyNoShell: A Change in Tactics Exploiting ProxyShell Vulnerabilities |
2021-11-16 ⋅ Mandiant ⋅ UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests Ghostwriter |
2021-10-27 ⋅ Mandiant ⋅ Portable Executable File Infecting Malware Is Increasingly Found in OT Networks CCleaner Backdoor Floxif neshta Ramnit Sality Virut |
2021-10-20 ⋅ Mandiant ⋅ Hidden in Plain Sight: Identifying Cryptography in BLACKMATTER Ransomware BlackMatter |
2021-10-12 ⋅ Mandiant ⋅ Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis Cobalt Strike |
2021-10-07 ⋅ Mandiant ⋅ FIN12 Group Profile: FIN12 Priotizes Speed to Deploy Ransomware Aginst High-Value Targets Cobalt Strike Empire Downloader TrickBot |
2021-10-07 ⋅ Mandiant ⋅ FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets BazarBackdoor GRIMAGENT Ryuk |
2021-06-16 ⋅ Mandiant ⋅ Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM |
2021-04-20 ⋅ Github (fireeye) ⋅ FireEye Mandiant PulseSecure Exploitation Countermeasures |