Archives: Out of Band

Multiple Campaigns by Russian Speaking Threat Groups Expanding their Attack Footprint
2022-12-15

Executive Summary: CYFIRMA Research Team has been tracking three campaigns – Evian, UNC064, and

Inside the World of Initial Access Broker (IAB): Insights and Trends
2022-12-09

Initial Access Brokers (IABs)

Privateering Cyber Report
2022-12-05

Introduction: The rise of the use of cyber criminals for privateering is a growing concern for organizations

Windows Internet Key Exchange (IKE) Remote Code Execution Vulnerability Analysis
2022-11-25

Windows Internet Key Exchange (IKE) Remote Code Execution Vulnerability Analysis (CVE-2022-34721)

From North Korean Phishing to Underground Online Hosting Services
2022-11-16

Executive Summary: During CYFIRMA’s

Prestige Ransomware Analysis
2022-11-10

Executive Summary: CYFIRMA Research team has seen an uptick in threat

Unknown Nation-Based Threat Actor Using Android RAT to Target Indian Defence Personnel
2022-11-07

Executive Summary: The CYFIRMA research team recently detected a malicious Android APK targeting Indian

Phishing Attacks Leverage Deceptive Website Builders to Target AT&T Users
2022-10-31

Executive Summary: The CYFIRMA research team observed threat actors using free website builders to

Fortinet Authentication Bypass Vulnerability Analysis – CYFIRMA
2022-10-27

Fortinet Authentication Bypass Vulnerability Exploited by Threat Actors. Executive Summary: A critical

Infostealer Prynt Malware a Deep Dive into Its Process Injection Technique
2022-10-14

Executive Summary: CYFIRMA

Advanced Social Engineering Attacks Deconstructed
2022-10-04

Executive Summary: The team at CYFIRMA has analyzed and researched social engineering attacks in depth.

Thousands of TP-Link Routers Vulnerable, Can be Exploited by Multiple Hackers
2022-09-28

Executive Summary: As

Erbium Stealer Malware Report
2022-09-25

Executive Summary: The Erbium malware is an information-stealer/ info

FIN11 is Back: Impersonates Popular Video Conference Application
2022-09-21

CYFIRMA research team has observed

Cyber Research on the Malicious Use of Discord
2022-09-07

Executive Summary: CYFIRMA Research team has uncovered threat actors who have been abusing the Discord

HTML smuggling: A Stealthier Approach to Deliver Malware
2022-09-01

HTML smuggling is a highly evasive technique

CosmicDuke Malware Analysis
2022-08-29

Executive Summary: One of the campaigns Cyfirma researchers observed

Thousands of Hikvision Cameras are still vulnerable and can be potentially exploited
2022-08-21

Introduction: CYFIRMA researchers have observed, as per the sample analysed, thousands of Hikvision

AsyncRAT and MrAnonymous Backdoor Report
2022-07-21

Date: 14-July-22. Suspected Malware: AsyncRAT. Function: Malware

NukeSped RAT Report
2022-07-13

Suspected Malware: NukeSped. Malware Function: RAT. Risk Score: 8. Confidence Level: