Silent Data Extortion Campaign Hits US Law Firms Through Vishing and Remote Access Abuse

What happened: A financially motivated threat group is conducting a targeted data theft and extortion campaign against US legal, professional, and financial services firms using a blend of phishing, voice-based social engineering, ...

Google’s Defense Platform Leans on AI to Protect Against Frontier AI Threats

Google Cloud is offering AI Threat Defense, an AI-driven autonomous security platform that combines the capabilities of its Gemini models, Wiz, Mandiant, and CodeMender to give enterprises the tools they need to ...
Security Boulevard

Vercel Data Breach Linked to Earlier Context.ai Compromise

Hackers breached systems of Vercel, a popular frontend cloud platform provider and Next.js maintainer, in an attack that's been traced back to the compromise earlier this year of a Context.ai employee's system ...
Security Boulevard

CISA mixup of IOC domains

Google's Threat Intelligence Group (GTIG) and Mandiant's recent "Disrupting the GRIDTIDE Global Cyber Espionage Campaign" report is great and it has lots of good Indicators of Compromise (IOC). Many of these IOCs ...

ShinyHunters Leads Surge in Vishing Attacks to Steal SaaS Data

Several threat clusters are using vishing in extortion campaigns that include tactics that are consistent with those used by high-profile threat group ShinyHunters. They are stealing SSO and MFA credentials to access ...
Security Boulevard

Please Don’t Feed the Scattered Lapsus ShinyHunters

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and ...

Cl0p Ransomware Group Exploited a Zero-Day in Oracle EBS Attacks

The Cl0p ransomware group exploited a zero-day security flaw in Oracle's E-Business Suite to compromise corporate networks and steal data, according to Mandiant. The threat actors are sending emails to executives of ...
Security Boulevard

Google Mandiant: Emails Sent to Corporate Execs Claiming Oracle Data Theft

Corporate executives at multiple organizations are receiving malicious emails from threat actors saying they are associated with the Cl0p ransomware group and have sensitive data stolen from the targets' Oracle E-Business ...
Security Boulevard

UNC6395 Hackers Accessed Systems via a GitHub Account, Salesloft Says

Security investigators from Google said UNC6395 hackers spent several months running through Salesloft and Drift systems before launching a data breach campaign that some security researchers say has targeted hundreds of technology ...
Security Boulevard