Threat Detection Report: Introduction · Our Threat Detection Report takes a close look at the most prevalent techniques & threats to help security teams focus on what matters most. · redcanary.com · Mar 23, 2022
LOWKEY: Hunting for the Missing Volume Serial ID | Mandiant · mandiant.com · Mar 9, 2022
A Summary of APT41 Targeting U.S. State Governments · APT41’s persistent effort allowed them to successfully compromise at least six U.S. state government networks. · mandiant.com · Mar 9, 2022
Ugg Boots 4 Sale: A Tale of Palestinian-Aligned Espionage | Proofpoint US · proofpoint.com · Feb 21, 2022
Log4j2 In The Wild | Iranian-Aligned Threat Actor "TunnelVision" Actively Exploiting VMware Horizon · Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services. · sentinelone.com · Feb 21, 2022
Operation Bleeding Bear - Elastic Security Research · Elastic Security verifies new destructive malware targeting Ukraine: Operation Bleeding Bear · #malware-analysis #ransomware · elastic.github.io · Jan 19, 2022
StellarParticle Campaign: Novel Tactics and Techniques | CrowdStrike · This blog discusses the StellarParticle campaign and the novel tactics and techniques used in supply chain attacks observed by CrowdStrike incident responders. · #wmi #windows-hacking · crowdstrike.com · Jan 28, 2022