Threat Intelligence
-
Threats
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Mandiant has observed an aggressive financially motivated group, UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to a patch being…
-
Threats
Abusing Replication: Stealing AD FS Secrets Over the Network
Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching…
-
Threats
Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity
In July 2020, Mandiant Threat Intelligence released a public report detailing an ongoing influence campaign we named “Ghostwriter.” Ghostwriter is…
-
Threats
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise
In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited…
-
Phishing
Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE
At least two government-backed actors — including one Russian group — used the now-patched flaws in separate campaigns, Google says.…
-
Breaches
Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
Mar 19, 2025 | Ravie Lakshmanan | Cybercrime / Threat Intelligence
The recently leaked trove of internal chat logs among members of the Black…
-
Breaches
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
Mar 17, 2025 | The Hacker News | Cloud Security / Threat Intelligence
The latest Palo Alto Networks Unit 42 Cloud Threat Report found…
-
Breaches
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
Mar 06, 2025 | Ravie Lakshmanan | Threat Intelligence / Vulnerability
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since…
-
Breaches
The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2…
-
Breaches
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
Feb 26, 2025 | Ravie Lakshmanan | Network Security / Threat Intelligence
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of…