2023-03-22 | Mandiant | Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems
2023-03-20 | Mandiant | CASEY CHARRIER, James Sadowski
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace
2023-03-16 | Mandiant | Alexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Muhammad Umair, TINA JOHNSON, Tufail Ahmed
Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
UNC3886
2023-03-09 | Mandiant | Mandiant Intelligence
Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW
FudModule
2023-03-09 | Mandiant | Mandiant Intelligence
Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970
CLOUDBURST TOUCHMOVE TOUCHSHIFT UNC2970
2023-03-08 | Mandiant | Ben Read, DANIEL LEE, Stephen Eckels
Suspected Chinese Campaign to Persist on SonicWall Devices, Highlights Importance of Monitoring Edge Devices
UNC4540
2023-02-15 | Google | Google Threat Analysis Group, Mandiant
Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape
CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate Callisto Curious Gorge MUSTANG PANDA Turla
2023-02-03 | Mandiant | Genevieve Stark, Kimberly Goody
Float Like a Butterfly Sting Like a Bee
BazarBackdoor BumbleBee Cobalt Strike
2023-01-26 | Mandiant | Andy Morales, Govand Sinjari
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations
GootLoader UNC2565
2023-01-19 | Mandiant | Cristiana Kittner, Mark Lechtik, Sarah Hawley, Scott Henderson
Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)
BOLDMOVE BOLDMOVE
2023-01-05 | Mandiant | Eduardo Mattos, Gabby Roncone, John Wolfram, Sarah Hawley, Tyler McLellan
Turla: A Galaxy of Opportunity
KopiLuwak Andromeda QUIETCANARY
2022-12-15 | Mandiant | Mandiant
Trojanized Windows 10 Operating System Installers Targeted Ukrainian Government
Cobalt Strike STOWAWAY
2022-12-13 | Mandiant | Mandiant Intelligence
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware
POORTRY
2022-11-29 | Mandiant | Doug Bienstock, Luke Jenkins, Parnian Najafi, Sarah Hawley
Suspected Russian Activity Targeting Government and Business Entities Around the Globe
CEELOADER CryptBot
2022-11-28 | Mandiant | Geoff Ackerman, John Wolfram, Ryan Tomcik, Tommy Dacanay
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
BLUEHAZE DARKDEW MISTCLOAK UNC4191
2022-10-26 | Mandiant | Mandiant Intelligence
Pro-PRC DRAGONBRIDGE Influence Campaign Leverages New TTPs to Aggressively Target U.S. Interests, Including Midterm Elections
Dragonbridge
2022-10-19 | Mandiant | Jesse Valdez, Sandor Nemes, Sulian Lebegue
From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind
LDR4
2022-09-29 | Mandiant | Alexander Marvi, Greg Blaum
Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors
2022-09-29 | Mandiant | Alexander Marvi, Jeremy Koppen, Jonathan Lepore, Tufail Ahmed
Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
UNC3886
2022-09-23 | Mandiant | Mandiant Intelligence
GRU: Rise of the (Telegram) MinIOns
ArguePatch CaddyWiper XakNet