The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Lockbit 3.0

Jul 14, 2022 10:29:24 AM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, LockBit, Lockbit 3.0, LockbitBlack

0 Comments



Executive Summary

Cluster25 recently reported on Lockbit 3.0, the latest version of Lockbit ransomware. Version 3.0 includes new features and a ransomware bug bounty program.

Read More

New Hive Ransomware Rust Variant

Jul 11, 2022 10:37:20 AM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Hive, Rust

0 Comments



Executive Summary

Microsoft recently reported on a new variant of Hive ransomware written in Rust. This is a departure from previous versions, which were written in GoLang.

Key Takeaways

Read More

SessionManager Targets Governments and NGOs

Jul 8, 2022 11:33:33 AM / by PolySwarm Tech Team posted in Threat Bulletin, Government, Backdoor, SessionManager, NGO, IIS

0 Comments



Executive Summary

Kaspersky recently reported on SessionManager, a difficult to detect backdoor targeting governments and NGOs in multiple countries.

Read More

Black Basta Ransomware

Jul 5, 2022 12:33:54 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Windows, Linux, Black Basta, Qbot

0 Comments



Executive Summary

Cybereason recently reported on Black Basta ransomware, which has claimed around 50 victims so far, making it a prominent threat.

Read More

Cerber2021 Targets Windows and Linux

Jun 30, 2022 10:18:47 AM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Cerber, CerberImposter, CVE-2022-26134, Cerber2021

0 Comments



Executive Summary

Cyble recently reported on the resurgence of Cerber2021 ransomware, which targets both Windows and Linux systems.

Key Takeaways

Read More

PingPull Targets Telecom, Government, and Financial Verticals

Jun 27, 2022 12:56:10 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, Government, Telecommunications, PingPull, Gallium

0 Comments



Executive Summary

Palo Alto’s Unit42 recently reported on PingPull, a RAT used by the Gallium threat actor group to target entities in the telecommunications, government, and financial verticals.

Read More

Lyceum .NET DNS Backdoor “DnsSystem”

Jun 24, 2022 11:22:18 AM / by PolySwarm Tech Team posted in Threat Bulletin, Lyceum, Hexane, Siamese Kitten, DnsSystem, .NET DNS Backdoor

0 Comments



Executive Summary

Zscaler recently reported on a new .NET DNS backdoor “DnsSystem” used by the threat actor group known as Lyceum. It is primarily used to target entities in the Middle East.

Read More

Symbiote Linux Malware

Jun 20, 2022 9:01:49 AM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Symbiote

0 Comments



Executive Summary

Intezer and BlackBerry recently reported on Symbiote, a difficult to detect Linux malware that relies on existing running processes to infect a system.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts