Resources Mandiant's RSS Feed en Anticipating Cyber Threats as the Ukraine Crisis Escalates <p><span><span><span>The crisis in Ukraine has already proven to be a catalyst </span></span></span><span><span><span>for aggressive cyber activity that will likely increase as the situation deteriorates.</span></span></span></p> Thu, 20 Jan 2022 19:45:00 -0500 adam.greenberg One Source to Rule Them All: Chasing AVADDON Ransomware <p><span><span><span><span><span>This post discusses AVADDON ransomware, and explores how ransomware operators think and continue to turn a profit in a constantly evolving cybercrime ecosystem.</span></span></span></span></span></p> Wed, 19 Jan 2022 17:00:00 -0500 adam.greenberg Proactive Preparation and Hardening to Protect Against Destructive Attacks <p><span><span><span><span><span><span>Our latest white paper provides hardening and detection guidance to protect against a destructive attack within an environment.</span></span></span></span></span></span></p> Fri, 14 Jan 2022 15:30:00 -0500 adam.greenberg The Cyber Risk Journey, Part One: Where Do We Go From Here? <p><span><span><span><span>Boards and senior leaders are working to develop a better understanding of how cyber risk is being managed within their organizations.</span></span></span></span></p> Thu, 13 Jan 2022 06:00:00 -0500 adam.greenberg What’s Better Than Free Threat Intelligence? <p><span><span><span>Mandiant Advantage Threat Intelligence Free customers will get upgraded accounts for the first 14 days after an account is approved.</span></span></span></p> Mon, 10 Jan 2022 05:00:00 -0500 adam.greenberg Log4Shell Initial Exploitation and Mitigation Recommendations <p><span><span><span><span><span><span>We provide an overview of how Log4j impacts organizations, share how attackers have leveraged it in the wild, and provide mitigation recommendations.</span></span></span></span></span></span></p> Wed, 15 Dec 2021 16:00:00 -0500 adam.greenberg A Year in Review with Kevin Mandia <p>For our final podcast of 2021, we bring on Mandiant CEO Kevin Mandia to talk about the one-year anniversary of SolarWinds, the year ahead, and more.</p> Wed, 15 Dec 2021 10:00:00 -0500 adam.greenberg No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages <p>In October 2021 we <span><span><span>identified multiple instances of supply chain compromises involving packages hosted on Node Package Manager.</span></span></span></p> Wed, 15 Dec 2021 06:00:00 -0500 adam.greenberg Azure Run Command for Dummies <p><span><span><span lang="EN-IE" xml:lang="EN-IE" xml:lang="EN-IE">We highlight Azure Run Commands and provide guidance for mitigations, hunting, and detection mainly from the perspective of the virtual machines at risk from this type of activity.</span></span></span></p> Tue, 14 Dec 2021 11:00:00 -0500 adam.greenberg Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits <p><span><span><span>Deserialization vulnerabilities are a class of bugs that have plagued multiple languages and applications over the years.</span></span></span></p> Mon, 13 Dec 2021 05:00:00 -0500 adam.greenberg