Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.
Sep 4, 2023 1:24:05 PM / by The Hivemind posted in Threat Bulletin, Government, Defense, Telecommunications, Aerospace, CVE-2023-2868, Military, Technology, DEPTHCHARGE, UNC4841, SKIPJACK, FOXTROT, FOXGLOVE
Related Families: SKIPJACK, DEPTHCHARGE, FOXTROT, FOXGLOVE
Verticals Targeted: Government, Military, Defense, Aerospace, Technology, Telecommunications
Jul 17, 2023 2:08:32 PM / by The Hivemind posted in Threat Bulletin, Financial, Government, China, Backdoor, Vixen Panda, Graphican
Related Families: Ketrican, BS2005
Verticals Targeted: Government, Financial
Jun 20, 2023 1:49:52 PM / by The Hivemind posted in Financial, Government, Cryptocurrency, Asylum Ambuscade, SMB, SunSeed, AHKBOT, NODEBOT
Related Families: SunSeed, AHKBOT, NODEBOT
Verticals Targeted: Government, Cryptocurrency, Financial
May 22, 2023 3:49:00 PM / by The Hivemind posted in Ukraine, Russia, Threat Bulletin, Government, Critical Infrastructure, Transportation, Bad Magic
Related Families: DboxShell, PowerMagic
Verticals Targeted: Defense, Critical Infrastructure, Transportation
Executive Summary
May 1, 2023 3:22:04 PM / by The Hivemind posted in Threat Bulletin, Middle East, Government, Critical Infrastructure, Iran, Telecommunications, Charming Kitten, MENA, Energy, Mint Sandstorm, North Africa, Transportation
Related Families: Drokbk, Soldier
Verticals Targeted: Critical Infrastructure, Telecommunications, Government, Energy, Transportation. Utilities, Oil & Gas
Executive Summary
Mint Sandstorm was recently observed targeting US critical infrastructure entities. These include seaports, energy companies, transportation systems, and a US utility and gas entity.
Mar 24, 2023 2:58:36 PM / by The Hivemind posted in Threat Bulletin, Government, Healthcare, YoroTrooper, CIS, Energy
Related Families: Custom Python tools, AveMaria, Warzone RAT, LodaRAT, Stink
Verticals Targeted: Energy, Government, Healthcare
Executive Summary
YoroTrooper is a threat actor group observed targeting energy and government entities and an EU healthcare organization. Although YoroTrooper uses commodity and open-source tools, most of their final payloads are custom developed.
Jul 8, 2022 2:33:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Government, Backdoor, SessionManager, NGO, IIS
Executive Summary
Kaspersky recently reported on SessionManager, a difficult to detect backdoor targeting governments and NGOs in multiple countries.
Jun 27, 2022 3:56:10 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, Government, Telecommunications, PingPull, Gallium
Executive Summary
Palo Alto’s Unit42 recently reported on PingPull, a RAT used by the Gallium threat actor group to target entities in the telecommunications, government, and financial verticals.