cybersecurity threats
-
Breaches
Attacks Erase Western Digital Network-Attached Storage Drives
The company suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices and recommends…
-
Threats
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Mandiant has observed an aggressive financially motivated group, UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to a patch being…
-
Threats
Abusing Replication: Stealing AD FS Secrets Over the Network
Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching…
-
Phishing
Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE
At least two government-backed actors — including one Russian group — used the now-patched flaws in separate campaigns, Google says.…
-
Threat Intelligence
Cyber-Threat Group Targets Critical RCE Vulnerability in ‘Bleed You’ Campaign
The “Bleed You” campaign is trying to take advantage of a known remote code execution (RCE) vulnerability in Windows Internet Key…
-
Threat Intelligence
$275M Fine for Meta After Facebook Data Scrape
Following the discovery of a data set of Facebook user personal data available on the Internet, the European Union’s Data Protection…
-
Threats
Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity
In July 2020, Mandiant Threat Intelligence released a public report detailing an ongoing influence campaign we named “Ghostwriter.” Ghostwriter is…
-
Threats
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise
In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited…