The PolySwarm Blog

Executive Summary

Cybereason recently reported on Black Basta ransomware, which has claimed around 50 victims so far, making it a prominent threat.

Executive Summary

Sonatype recently reported on Pymakfa, a malicious Python package in the PyPl registry dropping Cobalt Strike on macOS, Windows, and Linux.

Background

Microsoft recently published an advisory on a newly identified zero-day vulnerability that affects Microsoft Support Diagnostic Tool (MSDT). CVE-2022-30190, which is being exploited in the wild, has been dubbed Follina by industry researcher Kevin Beaumont.

Background

Qualys recently published a blog post on AvosLocker ransomware, which targets both Windows and Linux operating systems.

Background

Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.