News • Insights • Analysis
For more than a decade, U.S. cybersecurity experts have warned about Russian hacking that increasingly uses the labor power of financially motivated criminal gangs to achieve political goals, such as strategically leaking campaign emails. Prolific ransomware groups in the last Read More …
Since early 2021, Mandiant has been tracking extensive APT29 phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia. This blog post discusses our recent observations related to the identification of two new malware families in 2022, BEATDROP and Read More …
Mandiant has gathered sufficient evidence to assess that the activity tracked as UNC2452, the group name used to track the SolarWinds compromise in December 2020, is attributable to APT29. This conclusion matches attribution statements previously made by the U.S. Government Read More …
Allegations of Chinese cyber activity as the recent conflict broke out in Ukraine have been emerging. The details appear unusually murky but one Western intelligence official believes the aim was espionage – and the cyber-attack may have been broader than Read More …
A Chinese state-backed advanced persistent threat (APT) group is attacking organizations around the globe in a likely espionage campaign that has been ongoing for several months. Victims in this Cicada (aka APT10) campaign include government, legal, religious, and non-governmental organizations Read More …
Photos and personal documents disclosing information on Mossad director David Barnea and his family were leaked in a Telegram channel called “Open Hands” on Tuesday, Walla reported. Created hours before the leak was published to some 30 followers, the channel Read More …
China captured a spy tool deployed by the US National Security Agency, which is capable of lurking in a victim’s computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of users’ Read More …
UPDATE: The original post may not have provided full clarity that CVE-2021-44207 (USAHerds) had a patch developed by Acclaim Systems for applicable deployments on or around Nov. 15, 2021. Mandiant cannot speak to the affected builds, deployment, adoption, or other technical factors Read More …
Russia has some of the best hackers in the world, but in the early days of the war in Ukraine, its ability to create mayhem through malware hasn’t had much of a noticeable impact. Instead, it’s Ukraine that’s marshalled sympathetic Read More …
The Computer Emergency Response Team for Ukraine (CERT-UA) has warned of ongoing phishing and Ghostwriter activities attacking organizations in the country. On February 26, CERT-UA said it continues to track the movements of UNC1151/Ghostwriter, which is currently attacking targets in Read More …
