Three #DEFCON workshops. All hands-on. All led by Google experts. ⬇️ Pick your skill upgrade and learn more:

Explore the world of #ReverseEngineering with the CTO of @PolySwarm 🔎. In this Behind the Binary episode, get a rare look into the evolving landscape of binary analysis tools, the constant battle with malware obfuscation, and more!. 🎧:

A financially motivated threat actor, #UNC6148, is targeting fully patched, end-of-life SonicWall SMA 100 appliances. In this latest activity, they deploy a new persistent backdoor we track as OVERSTEP. 🔗 Full details and defensive recommendations:

Your backup isn't safe from threat actors if it's reachable from your production network. 🚨. Implement an isolated recovery environment (IRE) to ensure reliable recovery, even if your primary network has been compromised. Find out why IREs matter 👉

🎯 Heading to #BlackHat?. Mandiant Academy is offering hands-on trainings led by frontline experts. Built around real-world scenarios. Designed for defenders. Learn more ⬇️.

Threat hunters this one's for you!. Join Google Threat Intelligence for a hands-on webinar — spot advanced threats, hunt by behavior, and stay ahead of evolving patterns. Register today ⬇️.📅 July 16 (EN): 📅 July 23 (ES):

‼️ UNC6293 operations are evolving! GTIG has observed new tactics in a Russia state-sponsored phishing campaign. Get the details, and follow the mitigations outlined in the blog post to protect against any further phishing campaigns. 👇.

Ever wonder what goes into dissecting a major phishing attack? Our new analysis reveals the methodology behind our deep dive into a Booking campaign, powered by Google Threat Intelligence and Google Colab. Learn more here:

Cybercrime has evolved. Today's threat actors leverage ransomware and extortion for financial gain. ⚠️. As cybercriminals change their tactics, how can defenders stop them? Gain insight from Google Threat Intelligence Group and Mandiant experts →

🚨 Russia-backed threat group COLDRIVER is using LOSTKEYS malware to target files and system information from Western organizations and NGOs. Understand the campaign and how to defend against it ⬇️. 🔗

ICYMI: #APT41 is leveraging Google Calendar for C2. We mapped the attack details so defenders know what to look for and how to respond. 🔗

UNC3944 (Scattered Spider) activity is reportedly rising across global industries, including retail. Act now to stay ahead ⚠️. Learn more:

The countdown is on for #BlackHat 2025 ⌚️. Get ready for Mandiant trainings, @googlecloudsec briefings & exclusive demos of agentic AI security. See you there! 🔗

Protection relays, vital for power grid stability, are prime cyberattack targets ‼️. Increasing digitization exposes them to threats, risking outages and more. Securing these devices is essential for national power grid resilience. Learn more:

Have you heard about the Mandiant Academy trainings at #BlackHat 2025? Check out all the must-see @GoogleCloudSec sessions and trainings mapped out for you ⬇️. Secure your spot →

Who names the world’s most notorious APTs? 🤔. Meet Greg Sinclair, a reverse engineer from Google's FLARE team. In this Behind the Binary episode, he shares the story of how he discovered and named the North Korean APT, the Lazarus Group. 🎙️ Listen here:

Smarter threat detection? Say less! 🙌. Learn how to integrate Google Cloud Security's #MCP Servers with #ADK for enhanced threat detection. Check out the video:

SMS toll fraud is a $6B annual problem. 💵 Protect your business and customers from unexpected bills and compromised outreach. reCAPTCHA SMS defense is now GA! Prevent fraud before it strikes. Learn more:

Two vulnerabilities impacting Aviatrix Controller 7.2.5012 and prior versions were discovered by Mandiant Red Team ‼️. Learn how they exploited Aviatrix Controller through authentication bypass, unsafe file upload, and argument injection:

💡 Mandiant is heading to #BlackHat USA 2025!. From threat briefings to hands-on trainings, get a firsthand look at frontline intelligence in action. 🎟️ RSVP now and meet us in Vegas!. 👉