iPhone Hack Allegedly Used to Spy on China’s Uyghurs
U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem.
In 2019, a Chinese security researcher...
Major U.S. Pipeline Crippled in Ransomware Attack
Colonial Pipeline says it is the victim of a cyberattack that forced the major provider of liquid fuels to the East Coast to temporarily halt all pipeline operations.
A...
Qualcomm Chip Bug Opens Android Fans to Eavesdropping
A malicious app can exploit the issue, which could affect up to 30 percent of Android phones.
A vulnerability in a 5G modem data service could allow mobile hackers to...
Ryuk Ransomware Attack Sprung by Frugal Student
The student opted for “free” software packed with a keylogger that grabbed credentials later used by “Totoro” to get into a biomolecular institute.
A European biomolecular research institute involved in...
Global Phishing Attacks Spawn Three New Malware Strains
The never-seen malware strains have "professionally coded sophistication" and were launched by a well-resourced APT using nearly 50 domains, one hijacked.
Two waves of global financial phishing attacks that swamped...
New Crypto-Stealer ‘Panda’ Spread via Discord
PandaStealer is delivered in rigged Excel files masquerading as business quotes, bent on stealing victims’ cryptocurrency and other info.
Yet another new information stealer – Panda Stealer – is...
Scripps Health Cyberattack Causes Widespread Hospital Outages
The San Diego-based hospital system diverted ambulances to other medical centers after a suspected ransomware attack.
Scripps Health, a hospital network based in San Diego, was hit by a cyberattack...
The UNC2529 Triple Double: A Trifecta Phishing Campaign
In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries. Mandiant tracks this threat actor as UNC2529. Based on the considerable...
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Mandiant has observed an aggressive financially motivated group, UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to a patch being available and deploying sophisticated malware previously reported by other...
Abusing Replication: Stealing AD FS Secrets Over the Network
Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching on and Mandiant has observed an increased focus on...
















