Discover and read the best of Twitter Threads about #unc1130
Most recents (2)
🚨 @Mandiant’s M-Trends is here!! 🚨
Stories include 👀
1️⃣ Mandiant’s insights on attacker operations from the frontlines
2️⃣ Ukraine holds the line against 🇷🇺’s cyber operations
3️⃣ Uncommon techniques, successful hacks
4️⃣ DRPK getting 🔐coin
5️⃣ Red Team vs the ☁️
6️⃣ 🎓 APT 42
Stories include 👀
1️⃣ Mandiant’s insights on attacker operations from the frontlines
2️⃣ Ukraine holds the line against 🇷🇺’s cyber operations
3️⃣ Uncommon techniques, successful hacks
4️⃣ DRPK getting 🔐coin
5️⃣ Red Team vs the ☁️
6️⃣ 🎓 APT 42
🔑 Takeaways
By The #️⃣
↪️👩🏼💻 Attackers are using what works in region that’s being targeted.
↪️Perimeter device #exploits 💥were used at a higher frequency in 2022.
↪️ Ransomware may be down, but specific ransomware families are proving to be formidable opponents.
By The #️⃣
↪️👩🏼💻 Attackers are using what works in region that’s being targeted.
↪️Perimeter device #exploits 💥were used at a higher frequency in 2022.
↪️ Ransomware may be down, but specific ransomware families are proving to be formidable opponents.
Today, we've released #APT43 🇰🇵. As part of this release, I wanted to highlight some of the background research that went into this. No blue checkmark, so I have to do a normal thread 😅mandiant.com/resources/blog…
Many groups are defined in reports as prolific. What does that really mean? #APT43 started as #UNC1130. we're now in the 4000s+ for UNCs. They've been around the block. Not only that, but the rate at which they spin up infrastructure is impressive.
Through our approach of Continuous Visibility on targets, we have nearly 200 signals deployed for this group alone, with a vast majority aiming to identify suspected infrastructure. We are looking at potential new domains nearly everyday.
