Written by: Bavi Sadayappan, Zach Riddle, Jordan Nuce, Joshua Shilko, Jeremy Kennelly < div class=”block-paragraph_advanced”> A version of this blog post was published to the Mandiant Advantage portal on April 18, 2024. Executive Summary In 2023, Mandiant observed an…
Tag: Threat Intelligence
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders
Written by: Michael Raggi Mandiant Intelligence is tracking a growing trend among China-nexus cyber espionage operations where advanced persistent threat (APT) actors utilize proxy networks known as “ORB networks” (operational relay box networks) to gain an advantage when conducting…
Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets
Written by: Mark Swindle < div class=”block-paragraph_advanced”> While investigating recent exposures of Amazon Web Services (AWS) secrets, Mandiant identified a scenario in which client-specific secrets have been leaked from Atlassian’s code repository tool, Bitbucket, and leveraged by threat actors…