2021-11-16 ⋅ Mandiant ⋅ UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests ⋅ Ghostwriter
2021-10-27 ⋅ Mandiant ⋅ Portable Executable File Infecting Malware Is Increasingly Found in OT Networks ⋅ CCleaner Backdoor, Floxif, neshta, Ramnit, Sality, Virut
2021-10-20 ⋅ Mandiant ⋅ Hidden in Plain Sight: Identifying Cryptography in BLACKMATTER Ransomware ⋅ BlackMatter
2021-10-12 ⋅ Mandiant ⋅ Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis ⋅ Cobalt Strike
2021-10-07 ⋅ Mandiant ⋅ FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets ⋅ BazarBackdoor, GRIMAGENT, Ryuk
2021-10-07 ⋅ Mandiant ⋅ FIN12 Group Profile: FIN12 Prioritizes Speed to Deploy Ransomware Against High-Value Targets ⋅ Cobalt Strike, Empire Downloader, TrickBot
2021-09-02 ⋅ Mandiant ⋅ Advanced Persistent Threats (APTs) ⋅ APT9
2021-06-16 ⋅ Mandiant ⋅ Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise ⋅ Cobalt Strike, SMOKEDHAM
2021-04-20 ⋅ Github (fireeye) ⋅ FireEye Mandiant PulseSecure Exploitation Countermeasures
2021-03-01 ⋅ FireEye ⋅ ACCELLION, INC. File Transfer Appliance (FTA) Security Assessment ⋅ DEWMODE
2021-02-25 ⋅ BrightTALK (FireEye) ⋅ Light in the Dark: Hunting for SUNBURST ⋅ SUNBURST
2021-01-19 ⋅ Github (fireeye) ⋅ Mandiant Azure AD Investigator: Focusing on UNC2452 TTPs ⋅ SUNBURST
2021-01-19 ⋅ Mandiant ⋅ Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)
2021 ⋅ Mandiant ⋅ M-TRENDS 2021 ⋅ Cobalt Strike, SUNBURST
2020-12-17 ⋅ FireEye ⋅ DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors
2020-10-29 ⋅ Mandiant ⋅ FIN11: A Widespread Ransomware and Extortion Operation (Webinar) ⋅ FIN11
2020-07-30 ⋅ FireEye ⋅ Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates
2020-07-29 ⋅ Mandiant ⋅ ‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests
2020-07-15 ⋅ Mandiant ⋅ Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families ⋅ Clop, DoppelPaymer, LockerGoga, Maze, MegaCortex, Nefilim, Snake
2020-03-16 ⋅ Mandiant ⋅ They Come in the Night: Ransomware Deployment Trends ⋅ FAKEUPDATES