Today, PolySwarm, a threat intelligence platform used to detect new and emerging malware, releases information about a new variant of ZeroCleare (a destructive malware attributed to Iran). PolySwarm Community (free) and Enterprise users were able access to the full content of this sample before it appeared on VirusTotal.
Latest samples of ZeroCleare, Iranian state-sponsored malware, available on PolySwarm
Jan 9, 2020 11:09:01 AM / by PolySwarm Tech Team posted in Insider, Explained, PolySwarm, Threat Hunting, Research
Using PolySwarm Threat Hunting and Metadata Searching for intel on 0-days
Jul 29, 2019 5:29:00 PM / by Katherine Yan and Javier Botella Fernandez posted in PolySwarm, Product, Threat Hunting
A deep dive into using PolySwarm’s hunting features to identify malware. This demonstration shows how Threat Hunting and Metadata Searching helps analysts gather info on 0-day malware using EvilGnome as an example.