The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

HellCat Ransomware Targets Energy Giant Schneider Electric

Nov 15, 2024 12:52:13 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Energy, Emerging Threat, Evolving Threat

0 Comments

Related Families: HellDown
Verticals Targeted: Energy

Executive Summary

HellCat ransomware recently targeted French energy giant Schneider Electric. PolySwarm analysts consider HellCat to be an emerging threat.

Read More

Black Basta Targeting Critical Infrastructure

May 17, 2024 2:19:41 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Black Basta, Healthcare, Emerging Threat

0 Comments

Related Families: Qakbot
Verticals Targeted: Critical Infrastructure, Healthcare

Executive Summary

CISA recently issued an advisory warning critical infrastructure entities to harden their defenses against attacks from Black Basta.

Read More

VooDoo Bear's Kapeka Backdoor Targets Critical Infrastructure

Apr 26, 2024 2:28:37 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, ICS, Energy, VooDoo Bear, Kapeka

0 Comments

Related Families: GreyEnergy, Prestige
Verticals Targeted: Critical Infrastructure

Executive Summary

Kapeka, also known as KnuckleTouch, is a novel backdoor used by VooDoo Bear to target entities in Eastern Europe.

Read More

Phobos Targeting Critical Infrastructure

Mar 15, 2024 2:49:12 PM / by The Hivemind posted in Threat Bulletin, Government, Critical Infrastructure, Ransomware, Healthcare, Energy, Education, Phobos, Emergency Services

0 Comments

Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare

Executive Summary

CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.

Read More

Rhadamanthys Targeting ONG Sector

Mar 8, 2024 1:36:26 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Stealer, Phishing, Energy, ONG, Oil & Gas, Rhadamanthys

0 Comments

Verticals Targeted: Oil & Gas, Energy, Critical Infrastructure

Read More

ALPHV Targeting ONG, Critical Infrastructure Entities

Feb 23, 2024 2:25:34 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, BlackCat, ALPHV, Energy, ONG, Oil & Gas

0 Comments

Verticals Targeted: Critical Infrastructure, Energy, Oil & Gas

Executive Summary

ALPHV recently claimed responsibility for a cybersecurity incident targeting Canada's Trans-Northern Pipelines.

Read More

Cactus Ransomware

Feb 5, 2024 2:04:38 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Energy, Cactus

0 Comments

Verticals Targeted: Energy

Executive Summary

Cactus is a ransomware family that has been active since at least March 2023 and has been gaining momentum in recent months. Cactus recently claimed an attack on Schneider Electric.

Read More

Volt Typhoon's KV-Botnet

Jan 22, 2024 1:38:21 PM / by The Hivemind posted in Threat Bulletin, APT, Critical Infrastructure, China, Linux, Volt Typhoon, KV-Botnet

0 Comments

Verticals Targeted: Government

Executive Summary

Volt Typhoon was observed compromising Cisco RV325 devices with KV-Botnet.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts