
Vanguard Panda
China
Details
VANGUARD PANDA is a China-nexus targeted intrusion adversary that relies heavily on living-off-the-land (LOTL) techniques and also uses webshells in addition to well-known tools such as Impacket and Fast Reverse Proxy (FRP). Initial access methods have historically involved exploiting Zoho ManageEngine software and, likely more recently, Fortinet FortiGuard. VANGUARD PANDA appears to focus on data...
Community Identifiers
MQH5nf8aZsXE0tg
Objective
- hjnWtYiFKdpw18xb7uElrDM
Motivation
- BvTZjYGaCykhsHO
Contact our team about
IOCs for this adversary
?