Mandiant Archives

Threat Intelligence

M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat

Mandiant’s latest threat report shows how attackers adapt faster than defenses, shifting strategies toward credential theft and insider threats.

Kevin Townsend1 day ago

Incident Response

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle

The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.

Ryan NaraineApril 11, 2025

Artificial Intelligence

Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools

Google plans to unleash automated AI agents into overtaxed SOCs to reduce the manual workload for cybersecurity investigators.

Ryan NaraineApril 9, 2025

Artificial Intelligence

Google Pushing ‘Sec-Gemini’ AI Model for Threat-Intel Workflows

Experimental Sec-Gemini v1 touts a combination of Google’s Gemini LLM capabilities with real-time security data and tooling from Mandiant.

Ryan NaraineApril 7, 2025

Malware & Threats

Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances

Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits.

Ryan NaraineApril 3, 2025

Nation-State

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers

China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers.

Ryan NaraineMarch 12, 2025

Malware & Threats

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations.

Ryan NaraineFebruary 19, 2025

Nation-State

North Korea Hackers Linked to Breach of German Missile Manufacturer

The targeting of Diehl Defence is significant because the company specializes in the production of missiles and ammunition.

Ryan NaraineSeptember 30, 2024

Nation-State

Iranian APT Operating as Initial Access Provider to Networks in the Middle East

Iranian state-sponsored threat actor UNC1860 is operating as an initial access provider to high-profile networks in the Middle East.

Ionut ArghireSeptember 24, 2024

Fraud & Identity Theft

Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers

Mandiant shines the spotlight on the growing infiltration of US and Western companies by North Korean fake IT workers.

Ryan NaraineSeptember 23, 2024

Malware & Threats

Mandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military Machine

A fresh Mandiant report documents North Korea's APT45 as a distinct hacking team conducting cyberespionage and ransomware operations.

Ryan NaraineJuly 25, 2024

Cyberwarfare

Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns

Chinese government-backed hacking team caught breaking into organizations in shipping, logistics and automotive sectors in Europe and Asia.

Ryan NaraineJuly 18, 2024

SECURITYWEEK NETWORK:

ICS:

All posts tagged "Mandiant"

Threat Intelligence

M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat

Incident Response

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle

Artificial Intelligence

Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools

Artificial Intelligence

Google Pushing ‘Sec-Gemini’ AI Model for Threat-Intel Workflows

Malware & Threats

Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances

Nation-State

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers

Malware & Threats

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

Nation-State

North Korea Hackers Linked to Breach of German Missile Manufacturer

Nation-State

Iranian APT Operating as Initial Access Provider to Networks in the Middle East

Fraud & Identity Theft

Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers

Malware & Threats

Mandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military Machine

Cyberwarfare

Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns

Featured

Vulnerabilities

SAP Zero-Day Possibly Exploited by Initial Access Broker

Data Breaches

5.5 Million Patients Affected by Data Breach at Yale New Haven Health

Cybercrime

Cyberattack Hits British Retailer Marks & Spencer

Data Breaches

Korean Telco Giant SK Telecom Hacked

Data Breaches

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack

Artificial Intelligence

The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools

Vulnerabilities

Fresh Windows NTLM Vulnerability Exploited in Attacks

Latest News

CISO Strategy

Cynomi Raises $37 Million Series B to Expand Its vCISO Platform

Cybersecurity Funding

Browser Security Firm SquareX Raises $20 Million

CISO Strategy

Former Google Cloud CISO Phil Venables Joins Ballistic Ventures

Artificial Intelligence

Lattica Emerges From Stealth With FHE Platform for AI

Threat Intelligence

M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat

Risk Management

Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy

Cybersecurity Funding

Scamnetic Raises $13 Million to Prevent Scams in Real Time

Daily Briefing Newsletter