#MandiantTracking

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

by

July 25, 2024 at 11:03AM North Korea-linked threat actor APT45 is expanding into financially-motivated attacks using ransomware, marking a shift from traditional cyber espionage. It is associated with deploying ransomware families SHATTEREDGLASS and Maui, targeting entities in South Korea, Japan, and the U.S. The group is also linked to malware such as Dtrack and has … Read more

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

by

April 5, 2024 at 04:33AM Several China-linked threat actors are exploiting zero-day security flaws impacting Ivanti appliances, with Mandiant tracking multiple clusters, financially motivated actors, and post-exploitation activities involving the deployment of various malware tools. This underscores the threat posed by edge appliances and the actors’ ability to tailor their tradecraft to evade detection. Based … Read more