Mandiant (part of Google Cloud)
We’re determined to make organizations secure against cyber threats and confident in their readiness.
- The Cybersecurity Forecast 2026 report is here! Based on insights from dozens of Google security leaders and experts, the report helps organizations feel prepared for the year ahead. Read some key highlights, and then download the full report for a deeper look: cloud.google.com/security/res...
- Our insights on the widespread Oracle E-Business Suite zero-day exploitation: ✔️ Breakdown and analysis of the campaign ✔️ Deep dive into threat actor’s multi-stage, in-memory Java implant framework ✔️ Recommendations, IOCs, and more for defenders Read now: cloud.google.com/blog/topics/...
- BRICKSTORM malware is being used by suspected China-nexus actor, UNC5221, in a stealthy espionage campaign. -Avg dwell time: 393 days -Targets: US legal, SaaS, BPOs & tech firms We have released a scanner, IOCs, and guidance to help defenders. Full analysis here: bit.ly/4pT3pku
- 🚨 APT41 is using malware, TOUGHPROGRESS, that leverages Google Calendar for command and control. Learn more about the campaign and how GTIG helped disrupt it. Additionally, leverage our included YARA rules, hashes and other IOCs to help defend against this threat: cloud.google.com/blog/topics/...
- UNC3944 (Scattered Spider) is a financially-motivated threat actor known for persistent and brazen social engineering, including targeting help desks. Our guidance can help organizations defend against the UNC3944 tactics we have observed when responding to this group. Stay ahead ➡️ bit.ly/3EXHvtE
- We tracked 75 zero-days exploited in the wild in 2024. Zero-day use is steadily increasing, notably for espionage. We see more focus on enterprise technologies, over 60% of which were security and networking products. Read the report for metrics, trends and more: cloud.google.com/blog/topics/...
- M-Trends 2025 is here! Get data from our investigations, including top initial infection vectors and targeted industries, and dive deep into trends such as rising infostealer use and the DPRK insider threat. We also share recommendations to stay ahead. Read now: cloud.google.com/security/res...
