Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-22MandiantLuke Jenkins, Josh Atkins, Dan Black
@online{jenkins:20230922:backchannel:6da10a8, author = {Luke Jenkins and Josh Atkins and Dan Black}, title = {{Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations}}, date = {2023-09-22}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/apt29-evolving-diplomatic-phishing}, language = {English}, urldate = {2023-10-18} } Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations
Brute Ratel C4 Cobalt Strike EnvyScout GraphDrop QUARTERRIG sRDI Unidentified 107 (APT29)
2022-11-29MandiantLuke Jenkins, Sarah Hawley, Parnian Najafi, Doug Bienstock
@online{jenkins:20221129:suspected:fe09dd8, author = {Luke Jenkins and Sarah Hawley and Parnian Najafi and Doug Bienstock}, title = {{Suspected Russian Activity Targeting Government and Business Entities Around the Globe}}, date = {2022-11-29}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/russian-targeting-gov-business}, language = {English}, urldate = {2023-02-21} } Suspected Russian Activity Targeting Government and Business Entities Around the Globe
CEELOADER
2022-08-04MandiantLuke Jenkins, Emiel Haeghebaert, Alice Revelli, Ben Read
@online{jenkins:20220804:likely:37b622e, author = {Luke Jenkins and Emiel Haeghebaert and Alice Revelli and Ben Read}, title = {{Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations}}, date = {2022-08-04}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/likely-iranian-threat-actor-conducts-politically-motivated-disruptive-activity-against}, language = {English}, urldate = {2022-08-08} } Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations
2021-12-06MandiantLuke Jenkins, Sarah Hawley, Parnian Najafi, Doug Bienstock, Luis Rocha, Marius Fodoreanu, Mitchell Clarke, Manfred Erjak, Josh Madeley, Ashraf Abdalhalim, Juraj Sucik, Wojciech Ledzion, Gabriella Roncone, Jonathan Leathery, Ben Read, Microsoft Threat Intelligence Center (MSTIC), Microsoft Detection and Response Team (DART)
@online{jenkins:20211206:suspected:d9da4ec, author = {Luke Jenkins and Sarah Hawley and Parnian Najafi and Doug Bienstock and Luis Rocha and Marius Fodoreanu and Mitchell Clarke and Manfred Erjak and Josh Madeley and Ashraf Abdalhalim and Juraj Sucik and Wojciech Ledzion and Gabriella Roncone and Jonathan Leathery and Ben Read and Microsoft Threat Intelligence Center (MSTIC) and Microsoft Detection and Response Team (DART)}, title = {{Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)}}, date = {2021-12-06}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/russian-targeting-gov-business}, language = {English}, urldate = {2021-12-07} } Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot