Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-04MandiantJames Sadowski, Ryan Hall
Responses to Russia's Invasion of Ukraine Likely to Spur Retaliation
HermeticWiper PartyTicket WhisperGate
2022-02-26MandiantMandiant
TRENDING EVIL Q1 2022
KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot
2022-02-24MandiantEmiel Haeghebaert, Ryan Tomcik, Tufail Ahmed
Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
STARWHALE GRAMDOOR
2022-02-23MandiantJoshua Shilko, Shambavi Sadayappan, Tyler McLellan
(Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware
Cuba KillAV
2022-02-01MandiantAngelo Del Rosario, Martin Co, Ng Choon Kiat
Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent
BATLOADER
2022-01-31MandiantCorey Hidelbrandt, Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Information
2022-01-20BrightTALK (Mandiant)John Hultquist, Matthew McWhirt
Anticipating and Preparing for Russian Cyber Activity
2022-01-20MandiantJohn Hultquist
Anticipating Cyber Threats as the Ukraine Crisis Escalates
2022-01-19MandiantAdrian Sanchez Hernandez, Ervin James Ocampo, Paul Tarter
One Source to Rule Them All: Chasing AVADDON Ransomware
BlackMatter Avaddon BlackMatter MedusaLocker SystemBC ThunderX
2022-01-14MandiantBryan Turner, Daniel Smith, Matthew McWhirt, Omar Toor
Proactive Preparation and Hardening to Protect Against Destructive Attacks
2021-12-15MandiantJohn Hultquist, Matthew McWhirt
Log4Shell Initial Exploitation and Mitigation Recommendations
2021-12-15MandiantAlessandro Parilli, James Maclachlan
No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages (UNC3379)
DanaBot
2021-12-14MandiantAdrien Bataille, Anders Vejlby, Jared Scott Wilson, Nader Zaveri
Azure Run Command for Dummies
2021-12-13MandiantAlyssa Rahman
Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits
2021-12-07MandiantJake Nicastro, Nick Richard, Rufus Brown, Van Ta
FIN13: A Cybercriminal Threat Actor Focused on Mexico
jspRAT win.rekoobe FIN13
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-11-29MandiantBrandan Schondorfer, Tyler McLellan
Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again
Cobalt Strike ROLLCOAST
2021-11-18MandiantChris Sistrunk, Daniel Kapellmann, Glen Chason, Ken Proska
Introducing Mandiant's Digital Forensics and Incident Response Framework for Embedded OT Systems
2021-11-17MandiantJoshua Goddard
ProxyNoShell: A Change in Tactics Exploiting ProxyShell Vulnerabilities
2021-11-16MandiantAlden Wahlstrom, Alice Revelli, Ben Read, David Mainor, Gabriella Roncone, Mandiant Research Team, Sam Riddell
UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests
Ghostwriter