Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-16MandiantJoshua Homan, Logeswaran Nadarajan, Martin Co, Mathew Potaczek, Sylvain Hirsch, Takahiro Sugiyama, Yu Nakamura
Have Your Cake and Eat it Too? An Overview of UNC2891
SLAPSTICK STEELCORGI LightBasin
2022-03-13MandiantMandiant
APT41 (Double Dragon): A Dual Espionage and Cyber Crime Operation
APT41
2022-03-08MandiantDouglas Bienstock, Geoff Ackerman, John Wolfram, Rufus Brown, Van Ta
Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments
KEYPLUG Cobalt Strike LOWKEY
2022-03-04MandiantJames Sadowski, Ryan Hall
Responses to Russia's Invasion of Ukraine Likely to Spur Retaliation
HermeticWiper PartyTicket WhisperGate
2022-02-26MandiantMandiant
TRENDING EVIL Q1 2022
KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot
2022-02-24MandiantEmiel Haeghebaert, Ryan Tomcik, Tufail Ahmed
Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
STARWHALE GRAMDOOR
2022-02-23MandiantJoshua Shilko, Shambavi Sadayappan, Tyler McLellan
(Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware
Cuba KillAV
2022-02-01MandiantAngelo Del Rosario, Martin Co, Ng Choon Kiat
Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent
BATLOADER
2022-01-31MandiantCorey Hidelbrandt, Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Information
2022-01-20BrightTALK (Mandiant)John Hultquist, Matthew McWhirt
Anticipating and Preparing for Russian Cyber Activity
2022-01-20MandiantJohn Hultquist
Anticipating Cyber Threats as the Ukraine Crisis Escalates
2022-01-19MandiantAdrian Sanchez Hernandez, Ervin James Ocampo, Paul Tarter
One Source to Rule Them All: Chasing AVADDON Ransomware
BlackMatter Avaddon BlackMatter MedusaLocker SystemBC ThunderX
2022-01-14MandiantBryan Turner, Daniel Smith, Matthew McWhirt, Omar Toor
Proactive Preparation and Hardening to Protect Against Destructive Attacks
2021-12-15MandiantJohn Hultquist, Matthew McWhirt
Log4Shell Initial Exploitation and Mitigation Recommendations
2021-12-15MandiantAlessandro Parilli, James Maclachlan
No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages (UNC3379)
DanaBot
2021-12-14MandiantAdrien Bataille, Anders Vejlby, Jared Scott Wilson, Nader Zaveri
Azure Run Command for Dummies
2021-12-13MandiantAlyssa Rahman
Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits
2021-12-07MandiantJake Nicastro, Nick Richard, Rufus Brown, Van Ta
FIN13: A Cybercriminal Threat Actor Focused on Mexico
jspRAT win.rekoobe FIN13
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-11-29MandiantBrandan Schondorfer, Tyler McLellan
Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again
Cobalt Strike ROLLCOAST