PolySwarm Threat Bulletin
THIS THREAT BULLETIN IS PROVIDED FOR SITUATIONAL AWARENESS
Background
PolySwarm recently released several publications and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict:
Feb 25, 2022 2:37:21 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Financial, Wiper, Malware, DDoS, Katana, Government, Defense
Feb 22, 2022 3:20:55 PM / by PolySwarm Tech Team posted in Threat Bulletin, Espionage, India, APT36, Android, Pakistan, Mythic Leopard, CapraRAT
Background
Cyble recently released a deep dive analysis of Mythic Leopard espionage activity leveraging CapraRAT Android spyware. This campaign targeted Indian government officials.
Feb 17, 2022 1:44:35 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, US, Europe, Banking, Financial
Background
PolySwarm recently published a Special Report, Threat Bulletin, and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict. In Russia-Ukraine Conflict and Cyberwar Implications, we discussed political tensions between Russia and Ukraine, past cyber altercations between the two nations, and potential cyber and kinetic implications if the current conflict escalates. In Armageddon Activity Targeting Ukraine, we provided commentary and IOCs for ongoing cyber activity targeting Ukraine, which industry analysts attributed to the Russian state-sponsored threat actor group Armageddon.
Feb 16, 2022 2:55:24 PM / by PolySwarm Tech Team posted in Threat Bulletin, Middle East, Molerats, Espionage, Gaza, Gaza Cyber Gang, Nimblemamba
Feb 14, 2022 2:18:26 PM / by PolySwarm Team posted in Threat Bulletin, Lazarus, LolZarus, APT, North Korea, LoLbins, Defense Vertical
Background
Qualys Threat Research recently reported on a new Lazarus espionage campaign leveraging employment phishing emails to target the defense sector, primarily targeting those applying for a job at Lockheed Martin. The targeting is similar to previous Lazarus campaigns which targeted Northrop Grumman and BAE Systems. Qualys refers to the current campaign as LolZarus due to the threat actor group’s use of LoLbins in some of the samples, which according to Qualys is the first known use of LoLbins by a well-known threat actor group.
Feb 9, 2022 2:16:05 PM / by PolySwarm Team posted in Ukraine, Russia, Threat Bulletin
Feb 4, 2022 2:40:46 PM / by PolySwarm Team posted in Ukraine, Russia, Special Report
Jan 31, 2022 8:56:00 AM / by PolySwarm Team posted in Insider, Explained, Product