all InfoSec News
Cloaked and Covert: Uncovering UNC3886 Espionage Operations
Threat Intelligence cloud.google.com
Written by: Punsaen Boonyakarn, Shawn Chew, Logeswaran Nadarajan, Mathew Potaczek, Jakub Jozwiak, Alex Marvi
Following the discovery of malware residing within ESXi hypervisors in September 2022, Mandiant began investigating numerous intrusions conducted by UNC3886, a suspected China-nexus cyber espionage actor that has targeted prominent strategic organizations on a global scale. In January 2023, Mandiant provided detailed analysis of the exploitation of a now-patched vulnerability in FortiOS employed by a threat actor suspected to be UNC3886. In March 2023, we provided …
actor alex china cloaked covert cyber cyber espionage discovery espionage esxi global hypervisors january malware mandiant nexus operations organizations scale september strategic threat intelligence unc3886 written