2021-10-27
⋅
Mandiant
⋅
Portable Executable File Infecting Malware Is Increasingly Found in OT Networks CCleaner Backdoor Floxif neshta Ramnit Sality Virut |
2021-10-20
⋅
Mandiant
⋅
Hidden in Plain Sight: Identifying Cryptography in BLACKMATTER Ransomware BlackMatter |
2021-10-12
⋅
Mandiant
⋅
Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis Cobalt Strike |
2021-10-07
⋅
Mandiant
⋅
FIN12 Group Profile: FIN12 Prioritizes Speed to Deploy Ransomware Against High-Value Targets Cobalt Strike Empire Downloader TrickBot |
2021-10-07
⋅
Mandiant
⋅
FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets BazarBackdoor GRIMAGENT Ryuk |
2021-09-02
⋅
Mandiant
⋅
Advanced Persistent Threats (APTs) APT9 |
2021-06-16
⋅
Mandiant
⋅
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM |
2021-04-20
⋅
Github (fireeye)
⋅
FireEye Mandiant PulseSecure Exploitation Countermeasures |
2021-03-01
⋅
FireEye
⋅
ACCELLION, INC. File Transfer Appliance (FTA) Security Assessment DEWMODE |
2021-02-25
⋅
BrightTALK (FireEye)
⋅
Light in the Dark: Hunting for SUNBURST SUNBURST |
2021-01-19
⋅
Github (fireeye)
⋅
Mandiant Azure AD Investigator: Focusing on UNC2452 TTPs SUNBURST |
2021-01-19
⋅
Mandiant
⋅
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER) |
2021-01-01
⋅
Mandiant
⋅
M-TRENDS 2021 Cobalt Strike SUNBURST |
2020-12-17
⋅
FireEye
⋅
DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors |
2020-10-29
⋅
Mandiant
⋅
FIN11: A Widespread Ransomware and Extortion Operation (Webinar) FIN11 |
2020-07-30
⋅
FireEye
⋅
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates |
2020-07-29
⋅
Mandiant
⋅
‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned with Russian Security Interests |
2020-07-15
⋅
Mandiant
⋅
Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families Clop DoppelPaymer LockerGoga Maze MegaCortex Nefilim Snake |
2020-03-16
⋅
Mandiant
⋅
They Come in the Night: Ransomware Deployment Trends FAKEUPDATES |
2020-01-01
⋅
FireEye
⋅
Mandiant IR Grab Bag of Attacker Activity TwoFace CHINACHOPPER HyperBro HyperSSL |
2019-09-06
⋅
FireEye
⋅
Ransomware Protection and Containment Strategies: Practical Guidance for Endpoint Protection, Hardening and Containment |
2019-01-09
⋅
Mandiant
⋅
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale DNSpionage Sea Turtle |
2018-09-18
⋅
Mandiant
⋅
Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware Gandcrab |
2018-01-01
⋅
Mandiant
⋅
APT1 Auriga Biscuit Bouncer Combos CookieBag Dairy GetMail GlooxMail Goggles Hacksfase Helauto Kurton ManItsMe MAPIget MiniASP NewsReels SeaSalt StarsyPound Sword TabMsgSQL Tarsip WebC2-AdSpace WebC2-Ausov WebC2-Bolid WebC2-Cson WebC2-DIV WebC2-GreenCat WebC2-Head WebC2-Kt3 WebC2-Qbp WebC2-Rave WebC2-Table WebC2-UGX WebC2-Yahoo |
2017-10-19
⋅
Mandiant
⋅
Magniber Ransomware Wants to Infect Only the Right People Magniber |
2017-06-06
⋅
Mandiant
⋅
Privileges and Credentials: Phished at the Request of Counsel Cobalt Strike APT19 |
2017-04-20
⋅
Mandiant
⋅
M-Trends 2017 FIN8 |
2013-02-20
⋅
FireEye
⋅
APT 1 Malware Arsenal Technical Annex bangat |
2010-01-01
⋅
Mandiant
⋅
State of Malware: Family Ties Bredolab Conficker Cutwail KoobFace Oderoor Poison Ivy Rustock Sinowal Szribi Zeus |