2023-04-18 | Mandiant | Mandiant
M-Trends 2023
QUIETEXIT AppleJeus Black Basta BlackCat CaddyWiper Cobalt Strike Dharma HermeticWiper Hive INDUSTROYER2 Ladon LockBit Meterpreter PartyTicket PlugX QakBot REvil Royal Ransom SystemBC WhisperGate
2023-04-13 | YouTube (The Korea Society) | Jean Lee, Mandiant, Michael Barnhart
The North Korean Cyber Threat
2023-04-03 | Mandiant | Eduardo Mattos, JASON DEYALSINGH, Nick Richard, NICK SMITH, Tyler McLellan
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
LaZagne BlackCat MimiKatz
2023-03-30 | Mandiant | Alden Wahlstrom, Daniel Kapellmann Zafra, Gabby Roncone, Keith Lunden
Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan
INCONTROLLER
2023-03-28 | Mandiant | Dan Perez, Fred Plan, Jeffery Johnson, JOE DOBSON, Michael Barnhart, Van Ta
APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations
APT43
2023-03-28 | Mandiant | Dan Perez, Fred Plan, JEFF JOHNSON, JOE DOBSON, Michael Barnhart, Van Ta
APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations
APT43 Kimsuky
2023-03-23 | Mandiant | Josh Fleischer, Rufus Brown, Ryan Tomcik
UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor
HOLERUN LIGHTBUNNY Prophet Spider
2023-03-22 | Mandiant | Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems
2023-03-20 | Mandiant | CASEY CHARRIER, James Sadowski
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace
2023-03-16 | Mandiant | Alexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Muhammad Umair, TINA JOHNSON, Tufail Ahmed
Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
UNC3886
2023-03-09 | Mandiant | Mandiant Intelligence
Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW
FudModule
2023-03-09 | Mandiant | Mandiant Intelligence
Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970
CLOUDBURST TOUCHMOVE TOUCHSHIFT UNC2970
2023-03-08 | Mandiant | Ben Read, DANIEL LEE, Stephen Eckels
Suspected Chinese Campaign to Persist on SonicWall Devices, Highlights Importance of Monitoring Edge Devices
UNC4540
2023-02-15 | Google | Google Threat Analysis Group, Mandiant
Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape
CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate Callisto Curious Gorge MUSTANG PANDA Turla
2023-02-03 | Mandiant | Genevieve Stark, Kimberly Goody
Float Like a Butterfly Sting Like a Bee
BazarBackdoor BumbleBee Cobalt Strike
2023-01-26 | Mandiant | Andy Morales, Govand Sinjari
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations
GootLoader UNC2565
2023-01-19 | Mandiant | Cristiana Kittner, Mark Lechtik, Sarah Hawley, Scott Henderson
Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)
BOLDMOVE BOLDMOVE
2023-01-05 | Mandiant | Eduardo Mattos, Gabby Roncone, John Wolfram, Sarah Hawley, Tyler McLellan
Turla: A Galaxy of Opportunity
KopiLuwak Andromeda QUIETCANARY
2022-12-15 | Mandiant | Mandiant
Trojanized Windows 10 Operating System Installers Targeted Ukrainian Government
Cobalt Strike STOWAWAY
2022-12-13 | Mandiant | Mandiant Intelligence
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware
POORTRY