Transformer machine learning has seen big breakthroughs in recent years, and in this blog post we discuss a case study in which we apply Transformers to malicious URL detection.

In this blog, learn about a simple debugging tactic for creating “save points” during iterative remote debugging of complex multi-stage samples that execute code in heap memory at non-deterministic addresses.

On this episode we have Daniel Kapellmann Zafra, a manager on Mandiant’s Cyber Physical Threat Intelligence team, to discuss a recent blog he and has team have released on the trend of lower sophistication threat actors targeting operational technology (OT).

This blog post details the post-compromise tradecraft and operational tactics, techniques, and procedures (TTPs) of a Chinese espionage group we track as UNC215. While UNC215’s targets are located throughout the Middle East, Europe, Asia, and North America, this report focuses on intrusion activity primarily observed at Israeli entities.