Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-07-19MandiantAndrew Oliveau
Escalating Privileges via Third-Party Windows Installers
2023-07-18MandiantMandiant Intelligence
Stealth Mode: Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection
BPFDoor SALTWATER SEASPY SideWalk ZuoRAT Daxin HyperBro HyperSSL Waterbear
2023-07-12MandiantDan Black, Gabby Roncone
The GRU's Disruptive Playbook
CaddyWiper INDUSTROYER2 XakNet
2023-07-12MandiantDan Black, Gabby Roncone
The GRU's Disruptive Playbook
CaddyWiper INDUSTROYER2 XakNet
2023-07-11MandiantNg Choon Kiat, Rommel Joven
The Spies Who Loved You: Infected USB Drives to Steal Secrets
PlugX
2023-07-11MandiantNg Choon Kiat, Rommel Joven
The Spies Who Loved You: Infected USB Drives to Steal Secrets
PlugX
2023-07-10MandiantJennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats
2023-07-10MandiantJennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats
2023-07-10MandiantJennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats
2023-07-10MandiantJennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats
2023-06-28MandiantAlexander Marvi, Greg Blaum, Ron Craft
Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts
UNC3886
2023-06-28MandiantAlexander Marvi, Greg Blaum, Ron Craft
Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts
UNC3886
2023-06-28MandiantAlexander Marvi, Greg Blaum, Ron Craft
Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts
UNC3886
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-13MandiantAlexander Marvi, BRAD SLAYBAUGH, Ron Craft, Rufus Brown
VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886)
UNC3886
2023-06-13MandiantAlexander Marvi, BRAD SLAYBAUGH, Ron Craft, Rufus Brown
VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886)
UNC3886