Publications.

Global Revival of Hacktivism Requires Increased Vigilance from Defenders

Life After Death? IO Campaigns Linked to Notorious Russian Businessman Prigozhin Persist After His Political Downfall and Death

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology

Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C.

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises

Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan

We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems

Pro-PRC “HaiEnergy” Information Operations Campaign Leverages Infrastructure from Public Relations Firm to Disseminate Content on Inauthentic News Sites

Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises

Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers

INDUSTROYER.V2: Old Malware Learns New Tricks

INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems

1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Information

Introducing Mandiant's Digital Forensics and Incident Response Framework for Embedded OT Systems

Portable Executable File Infecting Malware Is Increasingly Found in OT Networks

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises

Hacking Operational Technology for Defense: Lessons Learned From OT Red Teaming Smart Meter Control Infrastructure

In Pursuit of a Gestalt Visualization: Merging MITRE ATT&CK® for Enterprise and ICS to Communicate Adversary Behaviors

Hello From the OT Side!

A Hands-On Introduction to Mandiant's Approach to OT Red Teaming

Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families

Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT

Monitoring ICS Cyber Operation Tools and Software Exploit Modules to Anticipate Future Threats

Call to Action: Mobilizing Community Discussion to Improve Information-Sharing About Vulnerabilities in Industrial Control Systems and Critical Infrastructure

The Mandiant Approach To Operational Technology Security

Fantastic Information and Where to Find It: A Guidebook to Open-Source OT Reconnaissance

The FireEye OT-CSIO: An Ontology to Understand, Cross-Compare, and Assess Operational Technology Cyber Security Incidents

TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mappings

ICS Tactical Security Trends: Analysis of the Most Frequent Risks Observed in the Field

Un vistazo a las implicaciones del uso de spyware en México (A Look at the Implications of Spyware Use in Mexico)

La gobernanza del ciberespacio y la incipiente participación de México (Cyberspace Governance and Mexico's Incipient Participation)
(From book: "México y el multilateralismo del siglo XXI : reflexiones a los 70 años de la ONU")