
Page: Blog
Read expert perspectives and industry news.
Blog
The creators of DARKSIDE ransomware and their affiliates have launched a global crime spree affecting organizations in more than 15 countries and multiple industry verticals.
Blog
Over time people have had an on-again, off-again interest in Event Tracing for Windows (ETW). ETW, first introduced in Windows 2000, is a lightweight kernel-level tracing facility that was originally intended for debugging, diagnostics and performance. Gradually, however, defenders realized that ETW provided metrics and data content that was not otherwise available without custom development efforts. Even so, aside from a number of big players in the industry, people have been slow to adopt ETW as a data source for detection and research. The two primary problems with ETW are the complexities involved in event collection and the volume of data that is generated. The task of looking through a haystack to find the proverbial needle is not necessarily appealing from an engineering perspective (How do you store the data? How do you process the data? Is the data really valuable? What were we looking for again?).
Blog
Our latest white paper provides hardening and detection guidance to protect against a destructive attack within an environment.
Blog
Mandiant uncovered and publicly disclosed a widespread attacker campaign that is being tracked as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used their access to on-premises networks to gain unauthorized access to the victim’s Microsoft 365 environment. Learn more about the techniques used by UNC2452, as well as an auditing script to check for indicators of some of these techniques.
Blog
We kick off CARBANAK Week with the first post in our four-part blog series.