Mandiant Introduces Trending Evil Quarterly Report Series, Empowering Organizations to Strengthen Security Programs

Rhea-AI Summary

Mandiant, Inc. (NASDAQ: MNDT) launched the Trending Evil report series, offering insights into cyber threats and defensive actions for organizations. The inaugural Q1 2022 report highlights the impacts of the Log4Shell vulnerability, with Mandiant tracking 30 attack campaigns tied to this issue, including those by state-sponsored groups from China and Iran. It identified 11 malware families used in these attacks and showed a shift toward financially motivated threats. Key findings indicate that Mandiant's Managed Defense significantly reduced ransomware dwell time to less than 24 hours.

Positive

• Mandiant launched the Trending Evil report series to enhance cybersecurity awareness.
• The report tracks 30 attack campaigns related to the Log4Shell vulnerability.
• Identified 11 malware families used to exploit vulnerabilities.
• Managed Defense reduced average ransomware dwell time from 5 days to less than 24 hours.

Negative

• Ongoing threats from state-sponsored groups could pose risks to client security.
• Continued exploitation of vulnerabilities like Log4Shell may indicate systemic issues in the cybersecurity landscape.

Trending Evil Q1 2022 report highlights the lasting impact of Log4Shell and prevalence of financially motivated attacks

RESTON, Va.--(BUSINESS WIRE)-- Mandiant, Inc. (NASDAQ: MNDT), the leader in dynamic cyber defense and response, today announced the launch of Trending Evil, a new quarterly report series that offers an inside look at the most recent threats observed by Mandiant Managed Defense.

Delivered as an online, interactive experience, each Trending Evil report features the most impactful threat observed during the reporting period, as well as insight on the most prevalent threat actors, malware families, common target industries and tactics, techniques and procedures (TTPs). Additionally, to help organizations strengthen their security posture, every report provides defensive actions organizations can take to keep IT environments safe against the most prevalent threats.

Inaugural Trending Evil Report Findings

Now available, the Trending Evil Q1 2022 report¹ highlights the end of an active year in cyber and the lasting impact of Log4Shell vulnerability.

Key Highlights

• Mandiant Managed Defense continues to track and help protect customers against 30 attack campaigns exploiting the Log4j vulnerability (CVE-2021-44228), including activity from suspected China- and Iran-sponsored state-nexus threat clusters.
• During this period, Managed Defense detected 11 different malware families used to exploit the Log4Shell vulnerability.
• In addition to exploits against Log4Shell, Managed Defense observed numerous financially motivated attacks that delivered malicious payloads via fake web pages or email phishing campaigns.
• Phishing campaigns conducted by a financially motivated threat group Mandiant tracks as UNC2500 reveals changing TTPs. However, Managed Defense observed the outcomes of compromise remain the same: ransomware, exfiltration and extortion.
• Managed Defense observed activity from APT41, a Chinese state-sponsored espionage group that also conducts financially motivated activity for personal gain.
• The report highlights five trending malware families observed impacting industries across tech, government, education, finance, healthcare and real estate.

“Mandiant Managed Defense sits uniquely in the center of the Mandiant consulting group and the Mandiant Advantage SaaS platform serving as both a contributor and consumer of Mandiant’s renowned threat intelligence and frontline expertise,” said Dave Baumgartner, EVP, Security, Technology and Managed Solutions at Mandiant. “Last year, Managed Defense was responsible for finding and mitigating two prominent zero-day vulnerabilities. Distributing our insight in an easily consumable way through the Trending Evil report series is a natural next step in our mission to provide organizations of all sizes with visibility into the latest threats, helping them stay ahead with their security programs.”

Mandiant Managed Defense is a managed detection and response service that works as a seamless extension of security teams. The service delivers around the clock monitoring and event triage, continuous threat hunting to uncover hidden adversaries and rapid response and remediation to resolve incidents before they impact the organization. In fact, Managed Defense reduced the average 5-day dwell time for ransomware to less than 24 hours with no business impact.

More insights from the Trending Evil Q1 2022 report can be found here: http://experience.mandiant.com/read-trending-evil

For more information on Mandiant Managed Defense visit, https://www.mandiant.com/advantage/managed-defense

¹ The Mandiant Trending Evil Q1 2022 report reveals evil observed by Managed Defense between the dates of October 1 and December 31, 2021.

About Mandiant, Inc.

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

© 2022 Mandiant, Inc. All rights reserved. Mandiant is a registered trademark of Mandiant, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

View source version on businesswire.com: https://www.businesswire.com/news/home/20220224005398/en/

Media

Media.Relations@Mandiant.com

Investors

Investor.Relations@Mandiant.com

Source: Mandiant, Inc.

FAQ

What is the Trending Evil report from Mandiant?

The Trending Evil report series provides insights into recent cyber threats and defensive actions that organizations can take.

What are the key findings of Mandiant's Q1 2022 report?

The report highlights the impact of the Log4Shell vulnerability, tracking 30 attack campaigns and identifying 11 malware families.

How has Mandiant's Managed Defense impacted ransomware incidents?

Mandiant's Managed Defense has reduced the average dwell time for ransomware from 5 days to less than 24 hours.

What threats are associated with the Log4Shell vulnerability?

The Log4Shell vulnerability has been exploited by various attack campaigns, including those sponsored by state actors from China and Iran.

What financially motivated attacks did Mandiant observe?

Mandiant noted phishing campaigns leading to ransomware and data exfiltration as part of financially motivated threats during the reporting period.