The PolySwarm Blog


UNC4841 Targeting Government Entities with Barracuda ESG 0day

Sep 4, 2023 1:24:05 PM / by The Hivemind posted in Threat Bulletin, Government, Defense, Telecommunications, Aerospace, CVE-2023-2868, Military, Technology, DEPTHCHARGE, UNC4841, SKIPJACK, FOXTROT, FOXGLOVE


Related Families: SKIPJACK, DEPTHCHARGE, FOXTROT, FOXGLOVE
Verticals Targeted: Government, Military, Defense, Aerospace, Technology, Telecommunications

Executive Summary

UNC4841 was observed using CVE-2023-2868 to target entities in multiple verticals, including government and military.


Mint Sandstorm Targets US Critical Infrastructure

May 1, 2023 3:22:04 PM / by The Hivemind posted in Threat Bulletin, Middle East, Government, Critical Infrastructure, Iran, Telecommunications, Charming Kitten, MENA, Energy, Mint Sandstorm, North Africa, Transportation


Related Families: Drokbk, Soldier
Verticals Targeted: Critical Infrastructure, Telecommunications, Government, Energy, Transportation, Utilities, Oil & Gas

Executive Summary

Mint Sandstorm was recently observed targeting US critical infrastructure entities. These include seaports, energy companies, transportation systems, and a US utility and gas entity.


PingPull Targets Telecom, Government, and Financial Verticals

Jun 27, 2022 3:56:10 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, Government, Telecommunications, PingPull, Gallium

Executive Summary

Palo Alto’s Unit42 recently reported on PingPull, a RAT used by the Gallium threat actor group to target entities in the telecommunications, government, and financial verticals.


BPFDoor Targets Linux Systems

May 20, 2022 2:44:39 PM / by PolySwarm Tech Team posted in Threat Bulletin, China, Linux, Red Menshen, BPFDoor, Telecommunications

Background

PwC Threat Intelligence recently reported on BPFDoor, a passive network implant for Linux targeting telecommunications providers. The activity was attributed to the Chinese nexus threat actor group Red Menshen.
