Timeline
UNC5221
Chinese state-aligned APT targeting Western legal services and BPOs via 393-day BRICKSTORM backdoor on VMware infrastructure.
5 of 5 entries (2 events, 3 interactions)
Filters
#316 Apr
Mentioned in: CL-STA-1132 exploited PAN-OS since 16 April, log destruction confirmed
Cybersecurity: Threats and Defences#11 Mar
Deployed BRICKSTORM backdoor on vCenter and ESXi hosts averaging 393 days undetected dwell across legal, BPO, SaaS and tech targets
Cybersecurity: Threats and Defences: BRICKSTORM dwell hits 393 days, Mandiant#11 Mar
“abused identity platform”
Cybersecurity: Threats and Defences · source event
#11 Mar
“deployed backdoor on infrastructure”
Cybersecurity: Threats and Defences · source event
#11 Mar
“deployed backdoor on infrastructure”
Cybersecurity: Threats and Defences · source event