Click here to download all references as Bib-File.
2023-07-24 ⋅ Mandiant ⋅ North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack FULLHOUSE STRATOFEAR |
2023-07-24 ⋅ Mandiant ⋅ Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C. |
2023-07-21 ⋅ Mandiant ⋅ Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519) |
2023-07-20 ⋅ Mandiant ⋅ KillNet Showcases New Capabilities While Repeating Older Tactics |
2023-07-19 ⋅ Mandiant ⋅ Escalating Privileges via Third-Party Windows Installers |
2023-07-18 ⋅ Mandiant ⋅ Stealth Mode: Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection BPFDoor SALTWATER SEASPY SideWalk ZuoRAT Daxin HyperBro HyperSSL Waterbear |
2023-07-12 ⋅ Mandiant ⋅ The GRU's Disruptive Playbook CaddyWiper INDUSTROYER2 |
2023-07-11 ⋅ Mandiant ⋅ The Spies Who Loved You: Infected USB Drives to Steal Secrets PlugX |
2023-07-10 ⋅ Mandiant ⋅ Defend Against the Latest Active Directory Certificate Services Threats |
2023-06-28 ⋅ Mandiant ⋅ Detection, Containment, and Hardening Opportunities for Privileged Guest Operations, Anomalous Behavior, and VMCI Backdoors on Compromised VMware Hosts |
2023-06-15 ⋅ Mandiant ⋅ Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China SALTWATER SEASPY |
2023-06-13 ⋅ Mandiant ⋅ VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors (UNC3886) |
2023-06-02 ⋅ Mandiant ⋅ Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft |
2023-05-25 ⋅ Mandiant ⋅ COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises LIGHTWORK PIEHOP |
2023-04-20 ⋅ Mandiant ⋅ 3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible POOLRAT IconicStealer |
2023-04-18 ⋅ Mandiant ⋅ M-Trends 2023 QUIETEXIT AppleJeus Black Basta BlackCat CaddyWiper Cobalt Strike Dharma HermeticWiper Hive INDUSTROYER2 Ladon LockBit Meterpreter PartyTicket PlugX QakBot REvil Royal Ransom SystemBC WhisperGate |
2023-04-13 ⋅ YouTube (The Korea Society) ⋅ The North Korean Cyber Threat |
2023-04-03 ⋅ Mandiant ⋅ ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access LaZagne BlackCat MimiKatz |
2023-03-30 ⋅ Mandiant ⋅ Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan INCONTROLLER |
2023-03-28 ⋅ Mandiant ⋅ APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations |