2023-03-09 ⋅ Mandiant ⋅ Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970 CLOUDBURST TOUCHMOVE TOUCHSHIFT
2023-03-09 ⋅ Mandiant ⋅ Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW
2023-02-15 ⋅ Google ⋅ Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate
2023-02-03 ⋅ Mandiant ⋅ Float Like a Butterfly Sting Like a Bee BazarBackdoor BumbleBee Cobalt Strike
2023-01-26 ⋅ Mandiant ⋅ Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations GootLoader
2023-01-19 ⋅ Mandiant ⋅ Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475) BOLDMOVE BOLDMOVE
2023-01-05 ⋅ Mandiant ⋅ Turla: A Galaxy of Opportunity KopiLuwak Andromeda QUIETCANARY
2022-12-15 ⋅ Mandiant ⋅ Trojanized Windows 10 Operating System Installers Targeted Ukrainian Government Cobalt Strike STOWAWAY
2022-12-13 ⋅ Mandiant ⋅ I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware POORTRY
2022-11-29 ⋅ Mandiant ⋅ Suspected Russian Activity Targeting Government and Business Entities Around the Globe CEELOADER
2022-11-28 ⋅ Mandiant ⋅ Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia BLUEHAZE DARKDEW MISTCLOAK
2022-10-19 ⋅ Mandiant ⋅ From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind LDR4
2022-09-29 ⋅ Mandiant ⋅ Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
2022-09-29 ⋅ Mandiant ⋅ Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors
2022-09-23 ⋅ Mandiant ⋅ GRU: Rise of the (Telegram) MinIOns ArguePatch CaddyWiper
2022-09-14 ⋅ Mandiant ⋅ It's Time to PuTTY! DPRK Job Opportunity Phishing via WhatsApp BLINDINGCAN
2022-09-08 ⋅ Mandiant ⋅ What to Expect When You’re Electing: Preparing for Cyber Threats to the 2022 U.S. Midterm Elections
2022-09-07 ⋅ Mandiant ⋅ APT42: Crooked Charms, Cons, and Compromises
2022-09-07 ⋅ Mandiant ⋅ APT42: Crooked Charms, Cons and Compromises PINEFLOWER VINETHORN VBREVSHELL BROKEYOLK DOSTEALER GHAMBAR SILENTUPLOADER
2022-08-18 ⋅ Mandiant ⋅ You Can’t Audit Me: APT29 Continues Targeting Microsoft 365