The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Trinity Ransomware

Oct 18, 2024 2:30:02 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Manufacturing, Emerging Threat, Trinity

0 Comments

Related Families: Venus, 2023Lock
Verticals Targeted: Healthcare, Manufacturing, Business Services 

Read More

Recent Ransomware Attacks on the Healthcare Vertical

Aug 19, 2024 12:54:46 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Disbuk, Rhysida, INC

0 Comments

Related Families: Rhysida, INC
Verticals Targeted: Healthcare

Executive Summary

Since late July, at least two ransomware groups have allegedly targeted healthcare vertical entities. The attacks were attributed to INC and Rhysida ransomware groups.

Read More

Eldorado Ransomware

Jul 15, 2024 2:43:58 PM / by The Hivemind posted in Healthcare, Education, Manufacturing, Real Estate, Professional Services

0 Comments

Verticals Targeted: Real Estate, Education, Professional Services, Healthcare, Manufacturing

Executive Summary

Eldorado is a relatively new ransomware as a service (RaaS) that targets both Windows and Linux systems. The ransomware has already claimed 16 victims and is gaining momentum.

Read More

Black Basta Targeting Critical Infrastructure

May 17, 2024 2:19:41 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Black Basta, Healthcare, Emerging Threat

0 Comments

Related Families: Qakbot
Verticals Targeted: Critical Infrastructure, Healthcare

Executive Summary

CISA recently issued an advisory warning critical infrastructure entities to harden their defenses against attacks from Black Basta.

Read More

INC Ransomware

Apr 8, 2024 2:23:53 PM / by The Hivemind posted in Threat Bulletin, Government, Ransomware, Healthcare, INC

0 Comments

Verticals Targeted: Government, Healthcare

Executive Summary

INC is a relatively new ransomware group that has been active since summer 2023. The group recently claimed responsibility for attacks on Leicester City Council and NHS services in Scotland.

Read More

RA World Ransomware Targets Healthcare Entities

Mar 18, 2024 2:36:58 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Babuk, Latin America, RA World

0 Comments

Related Families: Babuk
Verticals Targeted: Healthcare, Finance, Insurance 

Executive Summary

RA World is a multistage ransomware family that was recently observed targeting healthcare entities in Latin America.

Read More

Phobos Targeting Critical Infrastructure

Mar 15, 2024 2:49:12 PM / by The Hivemind posted in Threat Bulletin, Government, Critical Infrastructure, Ransomware, Healthcare, Energy, Education, Phobos, Emergency Services

0 Comments

Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare

Executive Summary

CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.

Read More

Rhysida On The Rampage

Nov 27, 2023 1:24:03 PM / by The Hivemind posted in Government, Healthcare, Technology, Education, Manufacturing, Various

0 Comments

Verticals Targeted: Education, Government, Manufacturing, Technology, Healthcare, Various

Executive Summary

New Rhysida activity has prompted the release of a joint cybersecurity advisory providing additional details on the ransomware group’s TTPs and operations.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts