Assessed Cyber Structure and Alignments of North Korea in 2023

Historically Mandiant has made assessments on the Democratic People’s Republic of Korea’s (DPRK) cyber program based on Mandiant responses to intrusions, defector accounts, and OSINT reporting, in conjunction with government disclosures of DPRK units and motivation information. These assessments were …

Grayling: Previously unseen threat actor targets multiple organizations in Taiwan

A previously unknown advanced persistent threat (APT) group used custom malware and multiple publicly available tools to target a number of organizations in the manufacturing, IT, and biomedical sectors in Taiwan. A government agency located in the Pacific Islands, as …

Hacktivist attacks erupt in Middle East following Hamas assault on Israel

Groups range from known collectives to new outfits eager to raise their profile. Hacktivism efforts have proliferated rapidly in the Middle East following the official announcement of a war between Palestine and Israel. The escalation was spurred by a deadly …

Budworm: APT Group Uses Updated Custom Tool in Attacks on Government and Telecoms Org

The Budworm advanced persistent threat (APT) group continues to actively develop its toolset. Most recently, the Threat Hunter Team in Symantec, part of Broadcom, discovered Budworm using an updated version of one of its key tools to target a Middle …

APT and financial attacks on industrial organizations in H1 2023

This summary provides an overview of reports of APT and financial attacks on industrial enterprises that were disclosed in H1 2023, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities. For …

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

A cluster of threat actor activity that Unit 42 observed attacking a Southeast Asian government target could provide insight into a rarely seen, stealthy APT group known as Gelsemium. The researchers found this activity as part of an investigation into …

Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations

During the lead up to Ukraine’s counteroffensive, Mandiant and Google’s Threat Analysis Group (TAG) have tracked an increase in the frequency and scope of APT29 phishing operations. Investigations into the group’s recent activity have identified an intensification of operations centered …

New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants

Cisco Talos recently discovered a new malware family we’re calling “HTTPSnoop” being deployed against telecommunications providers in the Middle East. HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and …

Kuwait’s finance ministry says cyberattack hit one of its systems

Kuwait’s finance ministry said on Monday that one of its systems had suffered a cyberattack in the early morning but that the ministry continued to work normally. The ministry said in a statement that protection systems and procedures had been …

China becomes main victim of advanced persistent threat attacks: Ministry of State Security

According to the Ministry of State Security on Saturday, which is the 23rd National Defense Education Day, China has become the main victim of advanced persistent threat (APT) attacks, adding that cyberspace has become an important battleground for foreign intelligence …