Mandiant, provider in dynamic cyber defense and response, announced the launch of Trending Evil, a new quarterly report series that offers an inside look at the most recent threats observed by Mandiant Managed Defense.
Delivered as an online, interactive experience, each Trending Evil report features the most impactful threat observed during the reporting period, as well as insight on the most prevalent threat actors, malware families, common target industries and tactics, techniques and procedures (TTPs). Additionally, to help organisations strengthen their security posture, every report provides defensive actions organisations can take to keep IT environments safe against the most prevalent threats.
Inaugural Trending Evil Report Findings
Now available, the Trending Evil Q1 2022 report highlights the end of an active year in cyber and the lasting impact of Log4Shell vulnerability.
Key Highlights
- Mandiant Managed Defense continues to track and help protect customers against 30 attack campaigns exploiting the Log4j vulnerability (CVE-2021-44228), including activity from suspected China- and Iran-sponsored state-nexus threat clusters.
- During this period, Managed Defense detected 11 different malware families used to exploit the Log4Shell vulnerability.
- In addition to exploits against Log4Shell, Managed Defense observed numerous financially motivated attacks that delivered malicious payloads via fake web pages or email phishing campaigns.
- Phishing campaigns conducted by a financially motivated threat group Mandiant tracks as UNC2500 reveals changing TTPs. However, Managed Defense observed the outcomes of compromise remain the same: ransomware, exfiltration and extortion.
- Managed Defense observed activity from APT41, a Chinese state-sponsored espionage group that also conducts financially motivated activity for personal gain.
- The report highlights five trending malware families observed impacting industries across tech, government, education, finance, healthcare and real estate.
“Mandiant Managed Defense sits uniquely in the center of the Mandiant consulting group and the Mandiant Advantage SaaS platform serving as both a contributor and consumer of Mandiant’s renowned threat intelligence and frontline expertise,” said Dave Baumgartner, EVP, Security, Technology and Managed Solutions at Mandiant. “Last year, Managed Defense was responsible for finding and mitigating two prominent zero-day vulnerabilities. Distributing our insight in an easily consumable way through the Trending Evil report series is a natural next step in our mission to provide organisations of all sizes with visibility into the latest threats, helping them stay ahead with their security programs.”
Mandiant Managed Defense is a managed detection and response service that works as a seamless extension of security teams. The service delivers around the clock monitoring and event triage, continuous threat hunting to uncover hidden adversaries and rapid response and remediation to resolve incidents before they impact the organisation. In fact, Managed Defense reduced the average 5-day dwell time for ransomware to less than 24 hours with no business impact.
To read more exclusive features and latest news please see our February issue here.
Media contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]
