Mandiant Introduces Trending Evil Quarterly Report Series, Empowering Organizations to Strengthen Security Programs

Trending Evil Q1 2022 report highlights the lasting impact of Log4Shell and prevalence of financially motivated attacks

RESTON, Va.--(BUSINESS WIRE)-- Mandiant, Inc. (NASDAQ: MNDT), the leader in dynamic cyber defense and response, today announced the launch of Trending Evil, a new quarterly report series that offers an inside look at the most recent threats observed by Mandiant Managed Defense.

Delivered as an online, interactive experience, each Trending Evil report features the most impactful threat observed during the reporting period, as well as insight on the most prevalent threat actors, malware families, common target industries and tactics, techniques and procedures (TTPs). Additionally, to help organizations strengthen their security posture, every report provides defensive actions organizations can take to keep IT environments safe against the most prevalent threats.

Inaugural Trending Evil Report Findings

Now available, the Trending Evil Q1 2022 report¹ highlights the end of an active year in cyber and the lasting impact of Log4Shell vulnerability.

Key Highlights

Mandiant Managed Defense continues to track and help protect customers against 30 attack campaigns exploiting the Log4j vulnerability (CVE-2021-44228), including activity from suspected China- and Iran-sponsored state-nexus threat clusters.
During this period, Managed Defense detected 11 different malware families used to exploit the Log4Shell vulnerability.
In addition to exploits against Log4Shell, Managed Defense observed numerous financially motivated attacks that delivered malicious payloads via fake web pages or email phishing campaigns.
Phishing campaigns conducted by a financially motivated threat group Mandiant tracks as UNC2500 reveals changing TTPs. However, Managed Defense observed the outcomes of compromise remain the same: ransomware, exfiltration and extortion.
Managed Defense observed activity from APT41, a Chinese state-sponsored espionage group that also conducts financially motivated activity for personal gain.
The report highlights five trending malware families observed impacting industries across tech, government, education, finance, healthcare and real estate.

“Mandiant Managed Defense sits uniquely in the center of the Mandiant consulting group and the Mandiant Advantage SaaS platform serving as both a contributor and consumer of Mandiant’s renowned threat intelligence and frontline expertise,” said Dave Baumgartner, EVP, Security, Technology and Managed Solutions at Mandiant. “Last year, Managed Defense was responsible for finding and mitigating two prominent zero-day vulnerabilities. Distributing our insight in an easily consumable way through the Trending Evil report series is a natural next step in our mission to provide organizations of all sizes with visibility into the latest threats, helping them stay ahead with their security programs.”

Mandiant Managed Defense is a managed detection and response service that works as a seamless extension of security teams. The service delivers around the clock monitoring and event triage, continuous threat hunting to uncover hidden adversaries and rapid response and remediation to resolve incidents before they impact the organization. In fact, Managed Defense reduced the average 5-day dwell time for ransomware to less than 24 hours with no business impact.

More insights from the Trending Evil Q1 2022 report can be found here: http://experience.mandiant.com/read-trending-evil

For more information on Mandiant Managed Defense visit, https://www.mandiant.com/advantage/managed-defense

¹ The Mandiant Trending Evil Q1 2022 report reveals evil observed by Managed Defense between the dates of October 1 and December 31, 2021.

About Mandiant, Inc.

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

© 2022 Mandiant, Inc. All rights reserved. Mandiant is a registered trademark of Mandiant, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.