Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-06-28MandiantAlexander Marvi, Greg Blaum, Ron Craft
@online{marvi:20230628:detection:4a20fad, author = {Alexander Marvi and Greg Blaum and Ron Craft}, title = {{Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts}}, date = {2023-06-28}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/vmware-detection-containment-hardening}, language = {English}, urldate = {2023-07-31} } Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts
2023-06-13MandiantAlexander Marvi, BRAD SLAYBAUGH, Ron Craft, Rufus Brown
@online{marvi:20230613:vmware:ab644e2, author = {Alexander Marvi and BRAD SLAYBAUGH and Ron Craft and Rufus Brown}, title = {{VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886)}}, date = {2023-06-13}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass}, language = {English}, urldate = {2023-07-31} } VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886)
2023-03-16MandiantAlexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Tufail Ahmed, Muhammad Umair, TINA JOHNSON
@online{marvi:20230316:fortinet:d6ae40c, author = {Alexander Marvi and BRAD SLAYBAUGH and DAN EBREO and Tufail Ahmed and Muhammad Umair and TINA JOHNSON}, title = {{Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation}}, date = {2023-03-16}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem}, language = {English}, urldate = {2023-04-22} } Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
2022-09-29MandiantAlexander Marvi, Greg Blaum
@online{marvi:20220929:bad:8fc7be3, author = {Alexander Marvi and Greg Blaum}, title = {{Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors}}, date = {2022-09-29}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/esxi-hypervisors-detection-hardening}, language = {English}, urldate = {2022-09-30} } Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors
2022-09-29MandiantAlexander Marvi, Jeremy Koppen, Tufail Ahmed, Jonathan Lepore
@online{marvi:20220929:bad:4f02da8, author = {Alexander Marvi and Jeremy Koppen and Tufail Ahmed and Jonathan Lepore}, title = {{Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors}}, date = {2022-09-29}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/esxi-hypervisors-malware-persistence}, language = {English}, urldate = {2022-09-30} } Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors