Cloaked and Covert: Uncovering UNC3886 Espionage Operations | allinfosecnews.com

June 18, 2024, 2 p.m. | Mandiant

Threat Intelligence cloud.google.com

Written by: Punsaen Boonyakarn, Shawn Chew, Logeswaran Nadarajan, Mathew Potaczek, Jakub Jozwiak, Alex Marvi

Following the discovery of malware residing within ESXi hypervisors in September 2022, Mandiant began investigating numerous intrusions conducted by UNC3886, a suspected China-nexus cyber espionage actor that has targeted prominent strategic organizations on a global scale. In January 2023, Mandiant provided detailed analysis of the exploitation of a now-patched vulnerability in FortiOS employed by a threat actor suspected to be UNC3886. In March 2023, we provided …

actor alex china cloaked covert cyber cyber espionage discovery espionage esxi global hypervisors january malware mandiant nexus operations organizations scale september strategic threat intelligence unc3886 written

More from cloud.google.com / Threat Intelligence

Global Revival of Hacktivism Requires Increased Vigilance from Defenders 5 days, 19 hours ago | cloud.google.com

activism daniel defenders global +11

Cloaked and Covert: Uncovering UNC3886 Espionage Operations 2 weeks ago | cloud.google.com

actor alex china cloaked +20

UNC3944 Targets SaaS Applications 2 weeks, 5 days ago | cloud.google.com

0ktapus applications as-a-service attacker +34

Insights on Cyber Threats Targeting Users and Enterprises in Brazil 2 weeks, 6 days ago | cloud.google.com

adam brazil critical cyber +18

UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion 3 weeks, 1 day ago | cloud.google.com

campaign cloud cloud data collections +24

Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics 3 weeks, 6 days ago | cloud.google.com

cyber cyber espionage cyber threat cyber threats +19

Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools 4 weeks, 1 day ago | cloud.google.com

april attackers blog blog post +14

IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders 1 month, 1 week ago | cloud.google.com

advanced advanced persistent threat apt box +24

Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets 1 month, 1 week ago | cloud.google.com

access amazon amazon web services atlassian +26

Senior Corporate & Commercial Counsel

@ Armis Security | North Carolina, United States

View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Georgia, United States

View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Boston, Massachusetts, United States

View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Austin, Texas, United States

View on infosec-jobs.com

IP Network Engineer

@ Rogers Communications | Calgary, AB, CA

View on infosec-jobs.com

Global Product Manager

@ Vodafone | London, GB

View on infosec-jobs.com