Recently, @McAfee reported on #Xamalicious, a new stealth #backdoor targeting #Android devices. Check out our blog for more info and PolySwarm’s Xamalicious samples.

#FancyBear was recently observed engaging in a #phishing campaign leveraging three never-before-seen #malware families. @_CERT_UA reported on this activity. Check out our blog for more info and PolySwarm’s related samples.

PolySwarm analysts discuss in our latest report the malware families to watch in 2024. Check out our blog for more info and a selection of samples of each family.

t.co

#Malware #CyberSecurity #ThreatIntelligence #InfoSec #CyberThreats #CyberAwareness

PolySwarm has been tracking cyber activity targeting the energy vertical in 2023. In this report, we provide highlights of the activity. Check out our blog for more info.

t.co

#CyberSecurity #EnergySector #CyberActivity #SecurityHighlights #ThreatIntelligence

In this 2023 recap report, PolySwarm analysts present the 2023 Malware Hall of Fame and the Story of the Year. Check out our blog for more info and PolySwarm’s related samples.

t.co

#Malware #Cybersecurity #Threatintelligence

PolySwarm has been tracking cyber activity associated with North Korean threat actors in 2023. Check out our blog for our recap report and PolySwarm’s related samples.

t.co

#Cybersecurity #NorthKorea #ThreatActor #Malware

PolySwarm has been actively covering cyber activity associated with the Gaza conflict in 2023. Check out our blog for our recap report and PolySwarm’s related samples.

t.co

#Gaza #Israel #Palestine #Hamas #cyberwar #hacktivism #SysJoker

Upgrade your security with PolySwarm's cutting-edge malware intelligence marketplace. Get better, fresher, & faster insight with the power of a global network of specialized engines. Sign up today:

t.co

#Cybersecurity #Decentralized #ThreatDetection #Malware

PolySwarm has been actively covering cyber activity associated with the #Russia-#Ukraine conflict in 2023. Check out our blog for our recap report, highlights of this activity, and PolySwarm’s related samples.

#Kinsing #threatactors were recently observed leveraging CVE-2023-46604 to infect Linux systems with #cryptominers. @trendmicro_mea recently uncovered the active campaign. Check out our blog for more info and PolySwarm’s related samples.

A new variant of #LummaC2 was observed using a unique trigonometry-based anti-sandboxing technique. @outpost24 recently reported on the #infostealer. Check out our blog for more info and PolySwarm’s LummaC2 samples.

$NCT by @PolySwarm is now listed on Changelly! 🚀 @PolySwarm is a threat intelligence & detection community helping security teams detect new and emerging malware. Exchange $NCT ➡️

t.co

New #Rhysida activity has prompted the release of a joint #cybersecurity advisory providing additional details on the #ransomware group’s TTPs and operations. Check out our blog for more info and PolySwarm’s Rhysida samples.

Thinking about your online security? PolySwarm has you covered with its decentralized network of experts, taking the malware intelligence industry by storm.

t.co

#cyberdefense #cybersecurity #infosec #malware #cybercrime #ransomware #threatintelligence

A new #Cerber variant tracked as #C3RB3R was observed leveraging CVE-2023-22518. @SentinelOne recently reported on the campaigns deploying new #ransomware variants. Check out our blog for more info and PolySwarm’s C3RB3R samples.

#SecuriDropper is a widely distributed dropper-as-a-service that bypasses #Android Restricted Settings. @ThreatFabric recently reported on the attack and what makes it stand out. Check out our blog for more info and PolySwarm’s SecuriDropper samples.

The #MOVEit vulnerability, tracked as CVE-2023-34362, was first observed in May 2023. It has since been observed targeting additional entities, including those in the #technology, #government, and #defense verticals. Check out our blog for more info.

Recently, @SecurityJoes conducted an investigation and reported that a #wiper known as #BiBi-Linux was observed targeting entities in #Israel. Check out our blog for more info and PolySwarm’s BiBi-Linux samples.

#ScarredManticore, a #ThreatActor group associated with Iran’s MOIS, was observed using #Liontail, an advanced #malware framework. @_CPResearch_ recently reported on Liontail. Check out our blog for more info and PolySwarm’s Liontail samples.

#XWorm is a .NET based, modular, multi-purpose #malware family most often used as a RAT. CERT @CERT_Polska_en recently reported on XWorm. Check out our blog for more info and PolySwarm’s XWorm samples and extracted #C2 information.

Shoutout to @Patricia_Energy for moderating a thought-provoking panel at #PCS23 Washington's Unplugged. And a big thanks to the expert speakers and all who joined. #Cybersecurity #TechTalks

MALWOVERVIEW Get maximum information about potentially malicious files and links from: Virus Total Hybrid Analysis URLHaus PolySwarm Mal Share Alien Vault Malpedia ThreatFox Triage InQuest

t.co

Creator @ale_sp_brazil

The Stayin Alive campaign, perpetrated by #ToddyCat, was observed targeting #telecommunications and #government entities in Asia. @_CPResearch_ recently reported on this activity. Check out our blog for more info and PolySwarm’s related samples.

Excited for #PCS23 Washington's unplugged! Patricia Schouker, VP of Strategic Partnerships at Polyswarm, will be moderating. Dive deep into EU-US #Cybersecurity Policies. #TechTalks

#AkiraRansomware, active since April 2023, was observed recently by @FortiGuardLabs targeting #Windows and #Linux systems. Check out our blog for more info and PolySwarm’s Akira samples.

Mirai #IZ1H9, a newer variant of #Mirai, is being used to infect #Linux devices for use in a #DDoS campaign. @FortiGuardLabs recently reported on Mirai IZ1H9. Check out our blog for more info and PolySwarm’s Mirai IZ1H9 samples.

#AresLoader is a loader malware-as-a-service (#MaaS) active in the wild since at least November 2022. @Intel471Inc reported on AresLoader earlier this year. Check out our blog for more info and PolySwarm’s AresLoader samples.

#BunnyLoader is a recently discovered feature-rich malware-as-a-service (#MaaS) threat being sold on multiple forums. @zscaler reported on this new threat. Check out our blog for IOCs and more info on PolySwarm’s BunnyLoader samples.

#Deadglyph is a backdoor used by the #StealthFalcon threat actor group for espionage operations targeting entities in the Middle East. @ESET recently reported on Deadglyph activity. Check out our blog for more info and PolySwarm’s Deadglyph samples.

A new variant of #BBTok banking #trojan was recently observed targeting financial entities in Latin America. @_CPResearch_ reported on the incident. Check out our blog for more info and PolySwarm’s related samples.

#ShroudedSnooper used #HTTPSnoop and #PipeSnoop to target telecommunications entities in the Middle East. @TalosSecurity recently reported on this activity. Check out our blog for more info and PolySwarm’s related samples.

This means that our friends at @Polyswarm are already using our new analysis engine, every time you perform a URL scan. You can see the result our engine produces here.

In this video, we cover the use case of receiving a PDF via Email, then using PolySwarm to Scan this file to understand if it is Malicious, and then #Sandboxing the file to see the associated #Metadata like JARM signatures.

#EarthLusca was observed using a Linux-based backdoor dubbed #SprySOCKS to target government entities. @TrendMicro recently reported on this activity. Check out our blog for more info and PolySwarm’s related samples.

Multiple security researchers and news outlets reported on an incident where @MGMResortsIntl was the victim of an #ALPHV #ransomware attack. Check out our blog for more info and PolySwarm’s ALPHV samples.

This video covers how to use PolySwarm to Hunt for Samples based on our Priorized Intelligence Requirements, in this case, Chinese #Malware. PolySwarm uses Live and Historical hunting in combination with #Yara rulesets to allow you this functionality.

PolySwarm provides best-in-class #malware intelligence for #cybersecurity teams. In this video, you will discover how to start with a #SHA256 Hash and quickly find related IOCs like C2 Domains, TTPs Used, and IPs used by the Malware in PolySwarm.

Recently #CharmingKitten was observed using #Sponsor backdoor to target at least 34 entities in multiple countries. @ESET reported on this campaign. Check out our blog for more info and PolySwarm’s Sponsor samples.

Multiple industry researchers have recently reported on #Mallox, a #ransomware family targeting #Windows systems, including MS-SQL servers. Check out our blog for more info and PolySwarm’s Mallox samples.

PolySwarm offers cutting-edge #malware intelligence for #CyberSecurity teams. Watch this video to learn how to Sandbox Files to understand the #TTPs that are being utilized, allowing your team to gain insight and strengthen your security posture.

This video delves into PolySwarm's #scanning capabilities, illustrating how to quickly scan a file and understand if it is #malicious or #benign.

Two #GREF espionage campaigns used trojanized Android apps to deliver #BadBazaar #spyware variants. @ESET recently reported on BadBazaar. Check out our blog for more info and PolySwarm’s related samples.

PolySwarm provides innovative #malware intelligence for #cybersecurity teams curated from unique samples, best-in-class #sandboxing, and a marketplace of commercial and specialized #ThreatDetection engines.

A recent #malware campaign delivered a proxy server application to #Windows and #Mac systems, turning them into proxy exit nodes. @attcyber recently reported on this activity. Check out our blog for more info and PolySwarm’s related samples.

Cuba #ransomware was recently observed using CVE-2023-27532 to target critical infrastructure entities. @BlackBerry recently reported on this activity. Check out our blog for more info and PolySwarm’s related samples.

Here are some of the latest developments in our ongoing projects. Private communities in the portal - We are in the mockup phase for integrating private community support into the portal. Members of private communities will soon be able to access all the functionalities of PolySwarm using the portal. Criminal IP URL engine added to the Marketplace - In line with our commitment to fortify our platform's detection capabilities, the Criminal IP URL engine was successfully integrated into the PolySwarm marketplace. This addition will empower us to actively combat a wider range of malicious activities and help us better safeguard the integrity of today's ever-evolving digital landscape. Hunting capabilities are now available in our private communities using our API/CLI -This latest advancement improves our supported features for private communities. Members of private communities can now perform live and historical hunting. We released the new sandboxing user interface for the portal - This new paid feature elevates sandboxing to a primary function in the portal. Customers who have the sandboxing feature in their plan can detonate artifacts in the sandboxes without having to scan them first. We have an interface to list and monitor the artifacts that users and their team members have submitted to the sandboxes. We also have an interface to search for each time an artifact has been sandboxed. - We encourage open communication and collaboration here and on our other social channels as we move forward. Our commitment to delivering a cutting-edge platform remains unwavering, and we look forward to the positive impact of these advancements. Thank you for your continued support.

A new Linux variant of #Monti #ransomware was recently discovered. @TrendMicro reported on its evolution which includes added detection evasion and encryption features. Check out our blog for more info and PolySwarm’s Monti samples.

An #African energy sector entity was recently targeted using #DroxiDat, a variant of #SystemBC. @Securelist reported on the incident. Check out our blog for more info and PolySwarm’s DroxiDat samples.

@PolySwarm is a crowdsourced threat intelligence blockchain marketplace that provides impactful ways to respond to the latest threats. Criminal IP is now one of the contributing engines to PolySwarm, further enhancing the threat detection capabilities.

Recently, both @TrendMicro and @securityaffairs reported on #ransomware families targeting the #healthcare vertical. Our analysts provide information on these #malware families and IOCs of PolySwarm’s related samples in our latest blog.