Click here to download all references as Bib-File.•
2024-08-22
⋅
Mandiant
⋅
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware Emmenhtal |
2024-07-29
⋅
Mandiant
⋅
UNC4393 Goes Gently into the SILENTNIGHT Black Basta QakBot sRDI SystemBC Zloader UNC4393 |
2024-07-18
⋅
Mandiant
⋅
APT41 Has Arisen From the DUST DUSTTRAP PINEGROVE |
2024-07-18
⋅
Mandiant
⋅
APT41 Has Arisen From the DUST Cobalt Strike |
2024-06-18
⋅
Mandiant
⋅
Cloaked and Covert: Uncovering UNC3886 Espionage Operations |
2024-04-19
⋅
YouTube (Decipher)
⋅
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant |
2024-04-16
⋅
Mandiant
⋅
APT44: Unearthing Sandworm VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm |
2024-04-04
⋅
Mandiant
⋅
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies |
2024-03-22
⋅
Mandiant
⋅
APT29 Uses WINELOADER to Target German Political Parties WINELOADER |
2024-02-27
⋅
Mandiant
⋅
When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors LIGHTRAIL MINIBIKE MINIBUS UNC1549 |
2024-01-30
⋅
Mandiant
⋅
Evolution of UNC4990: Uncovering USB Malware's Hidden Depths QUIETBOARD Vetta Loader UNC4990 |
2024-01-19
⋅
Mandiant
⋅
Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 |
2024-01-12
⋅
Mandiant
⋅
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation UTA0178 |
2023-12-14
⋅
Mandiant
⋅
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors DanaBot DarkGate |
2023-11-09
⋅
Mandiant
⋅
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology CaddyWiper |
2023-10-10
⋅
Mandiant
⋅
Assessed Cyber Structure and Alignments of North Korea in 2023 TraderTraitor |
2023-09-22
⋅
Mandiant
⋅
Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations Brute Ratel C4 Cobalt Strike EnvyScout GraphDrop QUARTERRIG sRDI Unidentified 107 (APT29) |
2023-07-24
⋅
Mandiant
⋅
Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C. |
2023-07-24
⋅
Mandiant
⋅
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack FULLHOUSE STRATOFEAR TraderTraitor |
2023-07-21
⋅
Mandiant
⋅
Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519) |