APT trends report Q3 2024

In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. The campaign targeted Vietnamese victims, mostly from the financial sector, with some Read More …

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology

In late 2022, Mandiant responded to a disruptive cyber physical incident in which the Russia-linked threat actor Sandworm targeted a Ukrainian critical infrastructure organization. This incident was a multi-event cyber attack that leveraged a novel technique for impacting industrial control Read More …

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China Read More …