Archives: Out of Band

2023-05-12

Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups

INTRODUCTION KILLNET is a prominent pro-Russian ‘hacktivist’ group that has been operating actively

2023-05-06

Exploiting the PowerPress 10.0 Stored Cross-Site Scripting Vulnerability (CVE-2023-1917)

EXECUTIVE SUMMARY The PowerPress plugin, which allows WordPress users to publish and manage podcasts,

2023-04-28

Breaking the Barrier: The Impact of Unauthorized Access to Powerful AI Language Models like ChatGPT

EXECUTIVE SUMMARY OpenAI has recently launched new plugins for ChatGPT, which is a language model

2023-04-14

DoNot APT Targets Individuals in South Asia using Android Malware

EXECUTIVE SUMMARY Recently CYFIRMA observed a cyber-attack on an individual residing in Kashmir, India.

2023-04-10

SarinLocker Ransomware

EXECUTIVE SUMMARY Research team at CYFIRMA has recently identified and published a report on a new

2023-04-07

ARES Leaks – Emerging Cyber Crime Cartel

INTRODUCTION As part of CYFIRMA Research team’s continuous external threat landscape monitoring

2023-04-03

The Rise of FusionCore An Emerging Cybercrime Group from Europe

EXECUTIVE SUMMARY The CYFIRMA research team has identified a new up-and-coming European threat actor

2023-03-25

Exploiting the Quiz and Survey Master 8.0.8 CSRF Vulnerability (CVE- 2023-0292)

EXECUTIVE SUMMARY The cross-site request forgery (CSRF) vulnerability discovered in WordPress Quiz

2023-03-20

ALC SCAREWARE PRETENDS TO BE A RANSOMWARE

EXECUTIVE SUMMARY Research team at CYFIRMA recently discovered a malicious sample in wild which pretends

2023-03-03

Japanese Security Posture Amid Changes In The Region

Introduction China’s assertive behaviour in the Indo Pacific region and the threat of Taiwan invasion

2023-02-24

EXFILTRATOR-22 – An Emerging Post-Exploitation Framework

Executive Summary The CYFIRMA Research team has provided a preliminary analysis of a new post- exploitation

2023-02-17

Most exploited critical vulnerabilities and zero days trend in 2022

Introduction Vulnerabilities are a critical component of cyber-attacks, providing attackers with an

2023-02-10

APT Bahamut Attacks Indian Intelligence Operative using Android Malware

Executive Summary In November 2022, CYFIRMA detected a cyber-attack on an intelligence operative in

2023-02-03

Tense China-Taiwan Relations

Learning Lessons And From Russia’s War On Ukraine, ETLM Takeaways Introduction Over the last few

2023-01-23

GuLoader Deploying Remcos RAT

Executive Summary Research team at CYFIRMA recently discovered a malicious PDF file being distributed

2023-01-21

ChatGPT AI in Security Testing: Opportunities and Challenges

Executive Summary ChatGPT, an advanced language model developed by OpenAI, has the potential to revolutionize

2023-01-14

VagusRAT: A New Entrant in the External Threat Landscape

Executive Summary Recently, researchers noticed various campaigns abusing Google Ads platform to deliver

2023-01-06

Lessons from Russia’s cyber-war in Ukraine

Lessons from Russia’s cyber-war in Ukraine In February of the last year just as Russian tanks started

2022-12-30

VPS Exploitation by Threat Actors

What About VPS A virtual private server (VPS) hosting offers a similar experience to dedicated hosting

2022-12-23

ChatGPT AI Cybersecurity Potential

Executive Summary In recent weeks ChatGPT by OpenAI started making waves around the world for its