Mandiant
North Korean Group Uses Fake Job Offers to Target Energy, Aerospace Sectors
The North Korean-backed threat group UNC2970 is using spearphishing emails and WhatsApp messages to entice high-level executives in the energy and aerospace sectors to open a malicious ZIP file containing a fake ...
Google Nears $23 Billion Purchase Of Wiz: Reports
Alphabet Inc.’s Google is closing in on a $23 billion acquisition of cybersecurity firm Wiz – its largest purchase ever ...
Ticketmaster is Tip of Iceberg: 165+ Snowflake Customers Hacked
Not our fault, says CISO: “UNC5537” breached at least 165 Snowflake instances, including Ticketmaster, LendingTree and, allegedly, Advance Auto Parts ...
Google Continues Mixing Generative AI into Cybersecurity
The new Google Threat Intelligence cloud service draws from Mandiant, VirusTotal, and its own insights and combines them with generative AI ...
Reading the Mandiant M-Trends 2024
This is my informal, unofficial, unapproved etc blog based on my reading of the just-released Mandiant M-Trends 2024 report (Happy 15th Birthday, M-Trends! May you live for many googley years…)Vaguely relevant AI visual ...
Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up?
In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant’s M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite ...
Google Adds Security Command Center Enterprise to Mandiant Portfolio
Google has added a Security Command Center Enterprise platform to unify the management of security operations (SecOps) to its Mandiant portfolio ...
China Steals Defense Secrets ‘on Industrial Scale’
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
CISA, Mandiant Warn of a Worsening Situation for Ivanti Users
The federal government and cybersecurity teams are warning organizations that threat groups are exploiting multiple flaws in Ivanti’s VPN appliances despite the vendor’s Integrity Checking Tool (ICT) and even after factory resets ...
New Malware in Exploits Targeting Ivanti Vulnerabilities
Google-owned Mandiant has uncovered a new malware exploiting vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. These malwares have been utilized by several threat groups, including the China-nexus espionage group ...
