In early 2019, Mandiant began identifying and responding to intrusions in the Middle East by Chinese espionage group UNC215. These intrusions exploited a Microsoft SharePoint vulnerability to install webshells and FOCUSFJORD payloads at targets in the Middle East and Central Asia. In addition to data from Mandiant Incident Response andRead More…