Mandiant Archives - Help Net Security

Mandiant

(Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise

August 16, 2023

Administrators of Citrix NetScaler ADC and Gateway appliances should check for evidence of installed webshells even if they implemented fixes for CVE-2023-3519 quickly: A …

North Korean hackers targeted tech companies through JumpCloud and GitHub

July 21, 2023

North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech …

Empowering Google security and networking solutions with AI

June 21, 2023

In this Help Net Security interview, Sunil Potti, GM and VP of Cloud Security at Google Cloud, talks about how new security and networking solutions powered by AI help improve …

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

June 5, 2023

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: …

Attackers hacked Barracuda ESG appliances via zero-day since October 2022

May 30, 2023

Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of …

Photos: RSA Conference 2023, part 2

April 26, 2023

RSA Conference 2023 is taking place at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Part 1 of the photos is …

Organizations are stepping up their game against cyber threats

April 24, 2023

Global median dwell time drops to just over two weeks, reflecting the essential role partnerships and the exchange of information play in building a more resilient …

3CX breach linked to previous supply chain compromise

April 24, 2023

Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …

3CX compromise: More details about the breach, new PWA app released

April 12, 2023

3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting …

3CX supply chain attack: What do we know?

April 3, 2023

Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …

These 15 European startups are set to take the cybersecurity world by storm

March 22, 2023

Google has announced the startups chosen for its Cybersecurity Startups Growth Academy. The 15 selected startups are from eight countries and were chosen from over 120 …

2022 witnessed a drop in exploited zero-days

March 21, 2023

Malicious threat actors have actively exploited 55 zero-days in 2022 – down from 81 in 2021 – with Microsoft, Google, and Apple products being most targeted. 53 …

Mandiant

(Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise

North Korean hackers targeted tech companies through JumpCloud and GitHub

Empowering Google security and networking solutions with AI

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

Attackers hacked Barracuda ESG appliances via zero-day since October 2022

Photos: RSA Conference 2023, part 2

Organizations are stepping up their game against cyber threats

3CX breach linked to previous supply chain compromise

3CX compromise: More details about the breach, new PWA app released

3CX supply chain attack: What do we know?

These 15 European startups are set to take the cybersecurity world by storm

2022 witnessed a drop in exploited zero-days

Don't miss

Malicious ads creep into Bing Chat responses

How should organizations navigate the risks and opportunities of AI?

Why California’s Delete Act matters for the whole country

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

How to avoid the 4 main pitfalls of cloud identity management