We discuss SCANdalous, a solution we developed that enables us to track thousands of threat groups, malware families and profiles.

In this post we provide an overview on Business Email Compromise involving Office 365 and then offer details on how to effectively investigate these attacks.

During an investigation, FireEye Mandiant has found real-time events to be useful in filling in the gaps of what an attacker did.

Malicious actors have been actively deploying MAZE ransomware since at least May 2019.

We recently worked on a new C# variant of Dark Crystal RAT and now aim to help defenders look for indicators of compromise and other telltale signs of this malware.

FireEye Mandiant Threat Intelligence documented more zero-days exploited in 2019 than any of the previous three years.

We introduce Kerberos, cover some of the various storage solutions, and introduce a new tool that extracts Kerberos tickets.

Learn all about some lesser known features of FakeNet-NG, and some strategies to help master using our network simulation tool.

APT32 carried out intrusion campaigns against Chinese targets likely to collect intelligence on the COVID-19 crisis.

We expect financially motivated actors will continue to change their tactics to maximize profit generated from ransomware infections.