Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-10-24MandiantFoti Castelan, Gabby Roncone, Jared Wilson, JP Glab, Max Thauer, Tufail Ahmed
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
UNC5820
2024-10-24MandiantFoti Castelan, Gabby Roncone, Jared Wilson, JP Glab, Mandiant, Max Thauer, Tufail Ahmed
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
2024-09-19MandiantMark Lechtik, Matan Mimran, Sarah Bock, Stav Shulman
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
OATBOAT
2024-09-19MandiantMark Lechtik, Matan Mimran, Sarah Bock, Stav Shulman
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
CRYPTOSLAY PipeSnoop TEMPLEDOOR UNC1860
2024-08-22MandiantAaron Lee, Praveeth DSouza
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
Emmenhtal
2024-07-29MandiantAshley Pearson, Jake Nicastro, Joseph Pisano, Josh Murchie, Joshua Shilko, Raymond Leong
UNC4393 Goes Gently into the SILENTNIGHT
Black Basta QakBot sRDI SystemBC Zloader UNC4393
2024-07-18MandiantMike Stokkel
APT41 Has Arisen From the DUST
DUSTTRAP PINEGROVE
2024-07-18MandiantJared Wilson, Jonathan Lepore, Luis Rocha, Mike Stokkel, Pierre Gerlings, RENATO FONTANA, Stephen Eckels
APT41 Has Arisen From the DUST
Cobalt Strike
2024-06-18MandiantMandiant
Cloaked and Covert: Uncovering UNC3886 Espionage Operations
2024-05-22MandiantMichael Raggi
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders
2024-05-08MandiantMandiant
M-Trends 2024 Special Report: Chinese Espionage Operations Targeting The Visibility Gap
BOLDMOVE WHIRLPOOL
2024-04-19YouTube (Decipher)Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-03-22MandiantDan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER
2024-02-27MandiantChen Evgi, Jonathan Leathery, Ofir Rozmann
When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors
LIGHTRAIL MINIBIKE MINIBUS UNC1549
2024-01-30MandiantDiana Ion, Jae Young Kim, Muhammad Umair, Panagiotis Antoniou, Yash Gupta
Evolution of UNC4990: Uncovering USB Malware's Hidden Depths
QUIETBOARD Vetta Loader UNC4990
2024-01-19MandiantMandiant
Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021
2024-01-12MandiantDimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178
2023-12-14MandiantAdrian McCabe, Geoff Ackerman, Rufus Brown, Ryan Tomcik
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors
DanaBot DarkGate