Executive Summary
Cybereason recently reported on Black Basta ransomware, which has claimed around 50 victims so far, making it a prominent threat.
Black Basta Ransomware
Jul 5, 2022 3:33:54 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Windows, Linux, Black Basta, Qbot
Pymafka Targets macOS, Windows, Linux
Jun 17, 2022 2:17:39 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Linux, Python, Pymafka, Cobalt Strike
Executive Summary
Sonatype recently reported on Pymakfa, a malicious Python package in the PyPl registry dropping Cobalt Strike on macOS, Windows, and Linux.
Follina MSDT Vulnerability (CVE-2022-30190)
Jun 6, 2022 1:54:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Follina, CVE-2022-30190, MS Office, MSDT
Background
Microsoft recently published an advisory on a newly identified zero-day vulnerability that affects Microsoft Support Diagnostic Tool (MSDT). CVE-2022-30190, which is being exploited in the wild, has been dubbed Follina by industry researcher Kevin Beaumont.
AvosLocker Ransomware
Mar 18, 2022 1:31:01 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, AvosLocker, Linux
Background
Qualys recently published a blog post on AvosLocker ransomware, which targets both Windows and Linux operating systems.
RedLine Stealer Delivered Via Fake Windows 11 Update
Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer
Background
Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.