The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Consulate Health Ransomware attack

Jan 18, 2023 2:35:50 PM / by The Hivemind posted in Malware, Ransomware, Hive, Cybercriminals

0 Comments



Ransomware attacks have become a major concern for businesses and organizations in recent years, with devastating consequences for those who fall victim. The Hive ransomware gang, which recently targeted Consulate Health Care, is one example of cybercriminals constructing sophisticated and ruthless tactics to steal sensitive data and extort money from their victims. But how can you protect yourself from these kinds of attacks in the future?

One solution is PolySwarm. Our platform uses advanced threat intelligence to stop ransomware attacks before they happen.

PolySwarm is a next-generation malware intelligence marketplace that connects businesses with a network of security experts and threat intelligence providers. Our platform can detect and analyze malware in real-time using cutting-edge technology, identifying potential threats before they can strike. This is achieved through our proprietary threat-scoring algorithm, PolyScore, which rates the probability that a given file contains malware. It weights engines’ determinations based on previous performance, history with similar file confidence levels, and other indicators.

One of the key features of PolySwarm is our ability to detect unknown or zero-day threats. These threats have yet to become known to the cybersecurity community and can be missed by traditional security solutions. However, PolySwarm's network of experts identifies these threats by analyzing the behavior of the malware rather than relying on signature-based detection methods.

In the case of the Hive ransomware gang attack and others like it, PolySwarm can detect the incident early on, allowing organizations to act before costly data is stolen. Receiving early alerts is the key to allowing your organization to take action and prevent theft.

Another benefit of PolySwarm is its ability to provide businesses with actionable intelligence. Once a threat has been identified, our platform can provide a detailed analysis of the malware, including information on its origins, targets, and potential consequences. This information can be used to improve an organization's overall security protocols, as well as to inform incident response and recovery teams.

Ransomware attacks are a serious and growing threat to businesses and organizations. The Hive ransomware gang is just one example of the devastating consequences of such attacks. However, by using advanced threat intelligence platforms like PolySwarm, organizations can protect themselves from future ransomware attacks and mitigate the damage caused by those that do occur.


Don’t have a PolySwarm account? Go here to sign up for a free Community plan or to subscribe.

Contact us at hivemind@polyswarm.io | Check out our blog | Subscribe to our reports

Read More

2023 Malware to Watch

Jan 17, 2023 1:31:56 PM / by The Hivemind posted in Threat Bulletin, Malware, 2023, Threat Landscape

0 Comments



Executive Summary

This threat bulletin features PolySwarm’s top malware to watch in 2023, as chosen by our analysts.

Read More

PolySwarm's 2023 Analyst Predictions

Jan 12, 2023 12:57:24 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, 2023, Predictions, Threat Landscape

0 Comments



Executive Summary

This threat bulletin features PolySwarm analysts’ predictions for the 2023 threat landscape.


Key Takeaways

Read More

2022 Recap - Mobile Malware Threat Landscape

Dec 8, 2022 1:23:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Malware, 2022 Recap, ios, Mobile

0 Comments

Verticals Targeted: Financial, Government, Journalism, Various

Executive Summary

This report is part of PolySwarm’s 2022 Recap series. This edition provides an overview of the 2022 mobile malware threat landscape.

Key Takeaways

  • The 2022 mobile malware threat landscape saw a 500% increase in malware distribution in early 2022, and mobile malware continued to be rampant throughout the year.
  • Some of the attack vectors used by threat actors to distribute mobile malware in 2022 include apps injected with malicious code, zero-click attacks, TOAD, and smashing.
  • Types of mobile malware that were prolific in 2022 include banking trojans, dropper apps, spyware, mobile ransomware, and subscriber trojans.
Read More

Malware Leverages CAPTCHA to Bypass Browser Warning

Nov 23, 2022 1:00:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, CAPTCHA, TTPs, Gozi, Ursnif

0 Comments

Related Families: Gozi (Ursnif)
Verticals Targeted: Financial

Executive Summary

Bleeping Computer recently reported on a malware campaign that uses CAPTCHA to bypass browser warnings and deliver Gozi. This technique appears to be a novel TTP for threat actors.

Read More

RedLine Stealer Delivered Via Fake Windows 11 Update

Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer

0 Comments



Background

Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.

Read More

DDoS Attacks and New Wiper Malware Target Ukraine

Feb 25, 2022 2:37:21 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Financial, Wiper, Malware, DDoS, Katana, Government, Defense

0 Comments



PolySwarm Threat Bulletin
THIS THREAT BULLETIN IS PROVIDED FOR SITUATIONAL AWARENESS

Background

PolySwarm recently released several publications and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict:

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts