Mandiant (part of Google Cloud)

UNC6671, a threat actor operating under the "BlackFile" brand, leverages vishing and adversary-in-the-middle to bypass multi-factor authentication. The group targets Microsoft 365 and Okta environments for programmatic data exfiltration. 🔗 goo.gle/4ujAUy4

Discover our full catalog of Mandiant Academy courses: goo.gle/4ditzro

Cybersecurity training hits different when it’s built from real-world incident response. Mandiant Academy courses are grounded in real-time threat intel and adversary methodologies that our incident response teams see every day. 🎥 What to expect from June’s Fundamentals class:

"Copy Fail" (CVE-2026-31431) escapes containers in 732 bytes. Hunt it with Agentic AI and Advanced Searches. Learn more about operating Agentic AI to analyze threats here: goo.gle/4wo2hbJ #GoogleTIMondays 🛡️ #ThreatIntelligence #AgenticAI

AI isn’t just a tool for attackers; it’s a target. Our latest report shows how adversaries use AI to build exploits and target AI infrastructure for initial access. 🔗 goo.gle/4djxILu

Melbourne cyber pros: Join us at Google Melbourne for Mandiant Community Night! Explore a software engineering approach to threat detection (CD/CR) with our frontline experts to reduce alert toil. Space is limited. RSVP by May 12: goo.gle/49k3eb4

Traditional debugging hasn't evolved in decades. Tune in to Behind the Binary to hear Xusheng explain why Time Travel Debugging is the paradigm shift the industry has been waiting for. Listen on Apple Podcasts: goo.gle/42OrzCb

See what’s possible: We’re using agentic AI to turn dark web data into YARA rules for web shells. 🛡️ Don't just watch, hunt. 🔗 To get started with the Agentic Platform check out the documentation here: goo.gle/4uoqi0p #GoogleTIMondays 🤖 🚀

🔄 Threat actors regularly re-emerge under different identities. New agentic capabilities in Google Threat Intelligence and the dark web monitoring module streamline investigations, linking multi-alias actors and mapping operations. 🔗 Learn more: goo.gle/48ufZj8

It’s tomorrow! 🚨 AI is collapsing the window between vulnerability discovery and exploitation. Join John Hultquist (Chief Analyst, Google Threat Intelligence Group) & Paul Mudgett (Senior Manager, Mandiant) to learn how to respond. Register: bit.ly/4eiq86e

Read these blog posts for more information: IPIDEA: goo.gle/3QNMr9V GRIDTIDE: goo.gle/4ujWbaE

What does it take to disrupt cyber threats at scale? Luke McNamara and GTIG disruption lead Charley Snyder discuss how Google is disrupting adversary operations. Learn about the team, and lessons from recent disruptions: IPIDEA & GRIDTIDE. Listen now: goo.gle/4u8k2tI

UNC6692 is impersonating IT helpdesk employees on Microsoft Teams to deploy custom malware. The SNOW ecosystem (SNOWBELT, SNOWGLAZE, SNOWBASIN) enables deep network penetration and exfiltration. Read the analysis and get indicators of compromise. ➡️ goo.gle/3OVpSzs

Hunt PowerShell & VBS like a pro! Use Agentic AI to unmask threats. Find these in Google TI saved searches via tag:GoogleTIMondays #GoogleTIMondays

72 hours remain before the session. ⏳ Join GTIG Chief Analyst John Hultquist and Mandiant Principal Consultant Omar ElAhdan to explore how security teams are adapting to faster exploitation timelines and AI-enabled threats. Register now → bit.ly/4u76P4g

Join us for the “Syntactical Supremacy” training at @BlackHatEvents 2026! ✅ Day 1: Master the deobfuscation library, recover scattered CFGs and opaque predicates. ✅ Day 2: Architect obfuscation by writing custom C++ LLVM passes. ✍️: bit.ly/4mQ7Ifg

Download the M-Trends 2026 report: bit.ly/4sRsqNa

In this episode of The Defender’s Advantage Podcast, host Luke McNamara is joined by Chris Linklater, Practice Leader at Mandiant, to discuss some key insights from the M-Trends 2026 report. 🎧 Take a listen: bit.ly/4crNoxa

New Hacktivist DDoS Dashboard is live! 🚀 Track actor claims, botnet C2, & victim trends in Google TI via Dashboards. bit.ly/4cC5Qlo #GoogleTIMondays #DDoS

Attending #GoogleCloudNext? Join a group of experts for a deep dive into the agentic enterprise, from infrastructure to AI agents. Day 2 from 11:45 AM - 12:30 PM ⏱️ bit.ly/424noSF