Click here to download all references as Bib-File.
2022-06-02 ⋅ Mandiant ⋅ To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions FAKEUPDATES Blister Cobalt Strike DoppelPaymer Dridex FriedEx Hades LockBit Macaw MimiKatz Phoenix Locker WastedLocker |
2022-06-02 ⋅ Mandiant ⋅ TRENDING EVIL Q2 2022 CloudEyE Cobalt Strike CryptBot Emotet IsaacWiper QakBot |
2022-05-19 ⋅ Mandiant ⋅ The IO Offensive: Information Operations Surrounding the Russian Invasion of Ukraine HermeticWiper PartyTicket |
2022-05-05 ⋅ BrightTALK (Mandiant) ⋅ The Sample: Beating the Malware Piñata Jaku |
2022-05-04 ⋅ Mandiant ⋅ Old Services, New Tricks: Cloud Metadata Abuse by UNC2903 WSO |
2022-05-02 ⋅ Mandiant ⋅ UNC3524: Eye Spy on Your Email QUIETEXIT UNC3524 |
2022-04-28 ⋅ Mandiant ⋅ Trello From the Other Side: Tracking APT29 Phishing Campaigns Cobalt Strike |
2022-04-27 ⋅ Mandiant ⋅ Assembling the Russian Nesting Doll: UNC2452 Merged into APT29 Cobalt Strike Raindrop SUNBURST TEARDROP |
2022-04-25 ⋅ Mandiant ⋅ INDUSTROYER.V2: Old Malware Learns New Tricks INDUSTROYER2 |
2022-04-13 ⋅ Mandiant ⋅ INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems |
2022-04-04 ⋅ Mandiant ⋅ FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7 Griffon BABYMETAL Carbanak Cobalt Strike JSSLoader Termite |
2022-03-28 ⋅ Mandiant ⋅ Forged in Fire: A Survey of MobileIron Log4Shell Exploitation KEYPLUG |
2022-03-23 ⋅ Mandiant ⋅ Not So Lazarus: Mapping DPRK Cyber Threat Groups to Government Organizations |
2022-03-18 ⋅ Recorded Future ⋅ Ghostwriter in the Shell: Expanding on Mandiant’s Attribution of UNC1151 to Belarus |
2022-03-16 ⋅ Mandiant ⋅ Have Your Cake and Eat it Too? An Overview of UNC2891 SLAPSTICK STEELCORGI |
2022-03-08 ⋅ Mandiant ⋅ Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments KEYPLUG Cobalt Strike LOWKEY |
2022-03-04 ⋅ Mandiant ⋅ Responses to Russia's Invasion of Ukraine Likely to Spur Retaliation HermeticWiper PartyTicket WhisperGate |
2022-02-26 ⋅ Mandiant ⋅ TRENDING EVIL Q1 2022 KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot |
2022-02-24 ⋅ Mandiant ⋅ Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity STARWHALE GRAMDOOR |
2022-02-23 ⋅ Mandiant ⋅ (Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware Cuba |