We discuss SAIGON, banking malware most likely based on the source code of the v3 variant of Ursnif.

We uncovered new tools in FIN7's malware arsenal, and new evasion techniques being used by the cybercrime group.

Intel (API v4), Collects Threat Indicators, Malware Families, Vulnerabilities, and Threat Actor intelligence and creates MISP Events

Batloader malware is being distributed as part of a SEO poisoning campaign, which involves some crafty defensive evasion techniques.

A suspected Chinese campaign involving long term persistence using malware on unpatched SonicWall Secure Mobile Access appliances.

We discuss SCANdalous, a solution we developed that enables us to track thousands of threat groups, malware families and profiles.

Our journey of statistical PDB analysis did not yield a magic malware classifier, but did yield a number of useful findings.

Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems.

Mandiant launches capa version 4.0, a free open-source tool that supports both malware triage and deep dive reverse engineering.

Mandiant researchers tracked APT29 phishing campaigns targeting diplomatic organizations around the world and identified two new malware families.