The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

2023 Recap - Malware Hall of Fame

Dec 18, 2023 3:13:23 PM / by The Hivemind posted in Threat Bulletin, Malware, LockBit, ALPHV, Cl0p, MOVEit, Rhysida, 2023 Recap, story of the year, BlackBasta

Executive Summary

In this report, PolySwarm analysts chose our top five standout malware families for the 2023 Malware Hall of Fame. We also feature the Story of the Year, MOVEit. A small selection of our most recent samples of each family are provided as well.

2023 Recap - Threat Actor Activity Highlights - North Korea

Dec 15, 2023 1:37:07 PM / by The Hivemind posted in Threat Bulletin, North Korea, APAC, 2023 Recap, Chollima

Executive Summary

Several high-profile North Korea-nexus threat actor groups have been active in 2023. Reported activities include, but are not limited to, supply chain attacks, targeting of cryptocurrency, and proliferation of macOS malware. In this report, PolySwarm highlights cyber activity perpetrated by North Korea-nexus threat actor groups in 2023.

2023 Recap - Cyber Activity in the Gaza Conflict

Dec 11, 2023 3:08:36 PM / by The Hivemind posted in Threat Bulletin, Gaza, Hacktivism, Palestine, Israel, Hamas, BiBi-Linux, Conflict, Cyberwar, BiBi-Windows, SysJoker

Executive Summary

While tension in the Gaza region has existed for years, the all-out war that ignited in October 2023 brought with it a variety of cyber activity targeting both sides of the conflict. In this report, PolySwarm provides the highlights of cyber activity associated with the Gaza conflict in 2023.

2023 Recap - Cyberwar and Hacktivism in the Russia-Ukraine Conflict

Dec 8, 2023 1:17:32 PM / by The Hivemind posted in Ukraine, Russia, Threat Bulletin, Primitive Bear, Cozy Bear, Killnet, Cadet Blizzard, LitterDrifter, Ghost Writer, Fancy Bear, VooDoo Bear, RedStinger, Nodaria, Cyber Regiment, IT Army of Ukraine, KibOrg, NLB

Executive Summary

The Russia-Ukraine conflict has continued throughout 2023, with a plethora of both state-sponsored and hacktivist cyber activity taking place alongside kinetic warfare. In this report, PolySwarm provides the highlights of cyber activity associated with the Russia-Ukraine conflict in 2023.

Kinsing Exploiting CVE-2023-46604

Dec 4, 2023 1:29:39 PM / by The Hivemind posted in Threat Bulletin, Cryptominer, Kinsing, CVE-2023-46604

Executive Summary

Kinsing threat actors were recently observed leveraging CVE-2023-46604, a vulnerability affecting Apache ActiveMQ, to infect Linux systems with cryptominers and rootkits.

LummaC2

Dec 1, 2023 12:48:51 PM / by The Hivemind posted in Threat Bulletin, Stealer, LummaC2, Lumma

Executive Summary

A new variant of LummaC2 was observed using a unique trigonometry-based anti-sandboxing technique.

Rhysida On The Rampage

Nov 27, 2023 1:24:03 PM / by The Hivemind posted in Government, Healthcare, Technology, Education, Manufacturing, Various

Verticals Targeted: Education, Government, Manufacturing, Technology, Healthcare, Various

Executive Summary

New Rhysida activity has prompted the release of a joint cybersecurity advisory providing additional details on the ransomware group’s TTPs and operations.

C3RB3R Exploiting CVE-2023-22518

Nov 20, 2023 2:13:05 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Cerber, C3RB3R, CVE-2023-22518

Related Families: Cerber

Executive Summary

A new Cerber variant tracked as C3RB3R was recently observed leveraging CVE-2023-22518.
