Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-29MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
BEATDROP VaporRage
2022-04-28MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
Cobalt Strike
2022-04-27MandiantMandiant
Assembling the Russian Nesting Doll: UNC2452 Merged into APT29
Cobalt Strike Raindrop SUNBURST TEARDROP
2022-04-25MandiantChris Sistrunk, Corey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Nathan Brubaker, Raymond Leong
INDUSTROYER.V2: Old Malware Learns New Tricks
INDUSTROYER2
2022-04-22MandiantMandiant
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7
POWERTRASH Carbanak DICELOADER STONEBOAT
2022-04-13MandiantCorey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Muhammad Umair, Nathan Brubaker, Rob Caldwell
INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems
2022-04-04MandiantBrendan McKeague, Bryce Abdo, Ioana Teaca, Zander Work
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7
Griffon BABYMETAL Carbanak Cobalt Strike JSSLoader Termite
2022-03-28MandiantBrandon Wilbur, Dallin Warne, Geoff Ackerman, James Maclachlan, John Wolfram, Tufail Ahmed
Forged in Fire: A Survey of MobileIron Log4Shell Exploitation
KEYPLUG
2022-03-23MandiantDan Scott, Elias fox, Gary Freas, Jeffery Johnson, Michael Barnhart, Michelle Cantos
Not So Lazarus: Mapping DPRK Cyber Threat Groups to Government Organizations
2022-03-18Recorded FutureInsikt Group®
Ghostwriter in the Shell: Expanding on Mandiant’s Attribution of UNC1151 to Belarus
2022-03-16MandiantJoshua Homan, Logeswaran Nadarajan, Martin Co, Mathew Potaczek, Sylvain Hirsch, Takahiro Sugiyama, Yu Nakamura
Have Your Cake and Eat it Too? An Overview of UNC2891
SLAPSTICK STEELCORGI LightBasin
2022-03-13MandiantMandiant
APT41 (Double Dragon): A Dual Espionage and Cyber Crime Operation
APT41
2022-03-08MandiantDouglas Bienstock, Geoff Ackerman, John Wolfram, Rufus Brown, Van Ta
Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments
KEYPLUG Cobalt Strike LOWKEY
2022-03-04MandiantJames Sadowski, Ryan Hall
Responses to Russia's Invasion of Ukraine Likely to Spur Retaliation
HermeticWiper PartyTicket WhisperGate
2022-02-26MandiantMandiant
TRENDING EVIL Q1 2022
KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot
2022-02-24MandiantEmiel Haeghebaert, Ryan Tomcik, Tufail Ahmed
Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
STARWHALE GRAMDOOR
2022-02-23MandiantJoshua Shilko, Shambavi Sadayappan, Tyler McLellan
(Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware
Cuba KillAV
2022-02-01MandiantAngelo Del Rosario, Martin Co, Ng Choon Kiat
Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent
BATLOADER
2022-01-31MandiantCorey Hidelbrandt, Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Information
2022-01-20BrightTALK (Mandiant)John Hultquist, Matthew McWhirt
Anticipating and Preparing for Russian Cyber Activity