The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm Tech Team

Find me on:

Recent Posts

Cerber2021 Targets Windows and Linux

Jun 30, 2022 1:18:47 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Cerber, CerberImposter, CVE-2022-26134, Cerber2021

0 Comments



Executive Summary

Cyble recently reported on the resurgence of Cerber2021 ransomware, which targets both Windows and Linux systems.

Key Takeaways

Read More

PingPull Targets Telecom, Government, and Financial Verticals

Jun 27, 2022 3:56:10 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, Government, Telecommunications, PingPull, Gallium

0 Comments



Executive Summary

Palo Alto’s Unit42 recently reported on PingPull, a RAT used by the Gallium threat actor group to target entities in the telecommunications, government, and financial verticals.

Read More

Lyceum .NET DNS Backdoor “DnsSystem”

Jun 24, 2022 2:22:18 PM / by PolySwarm Tech Team posted in Threat Bulletin, Lyceum, Hexane, Siamese Kitten, DnsSystem, .NET DNS Backdoor

0 Comments



Executive Summary

Zscaler recently reported on a new .NET DNS backdoor “DnsSystem” used by the threat actor group known as Lyceum. It is primarily used to target entities in the Middle East.

Read More

Symbiote Linux Malware

Jun 20, 2022 12:01:49 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Symbiote

0 Comments



Executive Summary

Intezer and BlackBerry recently reported on Symbiote, a difficult to detect Linux malware that relies on existing running processes to infect a system.

Read More

Pymafka Targets macOS, Windows, Linux

Jun 17, 2022 2:17:39 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Linux, Python, Pymafka, Cobalt Strike

0 Comments



Executive Summary

Sonatype recently reported on Pymakfa, a malicious Python package in the PyPl registry dropping Cobalt Strike on macOS, Windows, and Linux.

Read More

Enemybot IoT Malware

Jun 13, 2022 3:47:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Linux, Enemybot, CMS

0 Comments



Executive Summary

AT&T Alien Labs recently reported on Enemybot, an internet of things (IoT) malware targeting content management systems (CMS), Linux, and Android.

Key Takeaways

Read More

Follina MSDT Vulnerability (CVE-2022-30190)

Jun 6, 2022 1:54:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Follina, CVE-2022-30190, MS Office, MSDT

0 Comments



Background

Microsoft recently published an advisory on a newly identified zero-day vulnerability that affects Microsoft Support Diagnostic Tool (MSDT). CVE-2022-30190, which is being exploited in the wild, has been dubbed Follina by industry researcher Kevin Beaumont.

Read More

PolySwarms New Hunt Functionality

Jun 2, 2022 2:09:53 PM / by PolySwarm Tech Team posted in PolySwarm, Threat Hunting, New Features, Product Update

0 Comments



Many of you have given us feedback on our live and historical hunt functionality and we are thrilled to let you know that we are going live with your suggestions.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts