Tag: Threat Intelligence
Official Blog Threat Intelligence May 6, 2024 Uncharmed: Untangling Iran's APT42 Operations
Official Blog Threat Intelligence May 6, 2024 From Assistant to Analyst: The Power of Gemini 1.5 Pro for Malware Analysis
Official Blog Threat Intelligence April 29, 2024 Poll Vaulting: Cyber Threats to Global Elections - Elections globally are under fire from cyberattacks targeting not just voting systems but campaigns, media, and social media too. State actors pose the biggest threat, but others join in. Strong defenses and awareness of diverse attack methods are crucial to safeguard elections.
Official Blog Security Threat Intelligence April 29, 2024 M-Trends 2024: Our View from the Frontlines - Mandiant's latest M-Trends report highlights a concerning trend: attackers are actively working to evade detection and stay on compromised systems longer. The report analyzes data from 2023, revealing a rise in tactics like targeting unmonitored devices, using zero-day exploits, and leveraging legitimate tools.
Official Blog Threat Intelligence April 29, 2024 FakeNet-NG Levels Up: Introducing Interactive HTML-Based Output - FakeNet-NG is a network analysis tool used to capture network traffic and simulate network services to help researchers understand malware behavior. Recently, FakeNet-NG was updated to generate interactive HTML reports to present captured data in a more user-friendly way.
Official Blog Threat Intelligence April 22, 2024 Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Official Blog Security Threat Intelligence April 8, 2024 Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies - Mandiant has responded to incidents involving exploited Ivanti Connect Secure VPN appliances. This blog post outlines post-exploitation activity observed, including lateral movement and malware deployment. Mandiant recommends patching and following Ivanti's guidance to mitigate the vulnerabilities.
Official Blog Threat Intelligence April 1, 2024 Trends on Zero-Days Exploited In-the-Wild in 2023
Official Blog Threat Intelligence April 1, 2024 SeeSeeYouExec: Windows Session Hijacking via CcmExec - In this blog post, we delve into how the CcmExec service can be utilized for session hijacking and introduce CcmPwn, a tool designed to facilitate this technique.