Archives: Out of Band

The ScreenConnect Saga: A Deep Dive into the LockBit Connection
2024-02-29
The ScreenConnect Saga: A Deep Dive into the LockBit Connection

THE SCREENCONNECT SAGA: A DEEP DIVE INTO THE LOCKBIT CONNECTION In the ever-evolving landscape of

Exploit Analysis: SSRF and Command Injection for Unauthenticated RCE in Ivanti Connect Secure
2024-02-28
Exploit Analysis: SSRF and Command Injection for Unauthenticated RCE in Ivanti Connect Secure

EXECUTIVE SUMMARY CYFIRMA’s Research team conducted a comprehensive analysis of a server-side request

CYFIRMA INDUSTRY REPORT : ENERGY
2024-02-26
CYFIRMA INDUSTRY REPORT : ENERGY

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven

Xeno RAT: A New Remote Access Trojan with Advance Capabilities
2024-02-23
Xeno RAT: A New Remote Access Trojan with Advance Capabilities

EXECUTIVE SUMMARY At CYFIRMA, we are dedicated to providing current insights into prevalent threats

IRAN CONTRIBUTES TO THE ESCALATING GEO-POLITICAL THREAT LANDSCAPE
2024-02-21
IRAN CONTRIBUTES TO THE ESCALATING GEO-POLITICAL THREAT LANDSCAPE

EXECUTIVE SUMMARY The situation is escalating between Iran and the United States in the Middle East:

CYFIRMA INDUSTRY REPORT : LOGISTICS
2024-02-19
CYFIRMA INDUSTRY REPORT : LOGISTICS

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven

Jenkins (CVE-2024-23897) – Vulnerability Analysis and Exploitation
2024-02-16
Jenkins (CVE-2024-23897) – Vulnerability Analysis and Exploitation

EXECUTIVE SUMMARY The Jenkins CVE-2024-23897 vulnerability poses a severe threat, allowing remote

Malware Development Competition Fuels Creation of 20+ Malware
2024-02-13
Malware Development Competition Fuels Creation of 20+ Malware

EXECUTIVE SUMMARY In this report, we discuss the recently observed XSSLite Stealer that is being discussed

CYFIRMA INDUSTRY REPORT : HEALTHCARE
2024-02-12
CYFIRMA INDUSTRY REPORT : HEALTHCARE

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven

TRACKING RANSOMWARE : January 2024
2024-02-09
TRACKING RANSOMWARE : January 2024

EXECUTIVE SUMMARY This CYFIRMA Monthly Ransomware report thoroughly analyses ransomware activity in

Caught in the Crossfire : How International Relationships Generate Cyber Threats
2024-02-07
Caught in the Crossfire : How International Relationships Generate Cyber Threats

EXECUTIVE SUMMARY In times of conflict, there are consequences of being an ally or an enemy of warring

CYFIRMA INDUSTRY REPORT : FINANCE
2024-02-06
CYFIRMA INDUSTRY REPORT : FINANCE

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven

THE CHANGING CYBER THREAT LANDSCAPE  ASIA-PACIFIC (APAC) REGION VOLUME 1
2024-02-03
THE CHANGING CYBER THREAT LANDSCAPE ASIA-PACIFIC (APAC) REGION VOLUME 1

EXECUTIVE SUMMARY The Asia Pacific (APAC) Threat Landscape Report provides a comprehensive overview

Comprehensive Analysis of CVE-2024-21833 Vulnerability in TP-Link Routers : Threat Landscape, Exploitation Risks, and Mitigation Strategies
2024-01-31
Comprehensive Analysis of CVE-2024-21833 Vulnerability in TP-Link Routers : Threat Landscape, Exploitation Risks, and Mitigation Strategies

EXECUTIVE SUMMARY CYFIRMA’s Research team has conducted a thorough analysis of a critical security

Russian Threat Actors Abuse Cloudflare and Freenom Services to run DaaS Program
2024-01-29
Russian Threat Actors Abuse Cloudflare and Freenom Services to run DaaS Program

EXECUTIVE SUMMARY The CYFIRMA research team has discovered a Drainer-as-a-service (DaaS) project in

LOOKING INTO THE CRYSTAL BALL : WHAT WILL 2024 BRING IN GEOPOLITICS
2024-01-27
LOOKING INTO THE CRYSTAL BALL : WHAT WILL 2024 BRING IN GEOPOLITICS

As 2024 approaches, the confluence of simmering conflicts, uncertain political tides, and fragile

From Screen Captures to Crypto wallets: Analyzing the Multi-Faceted Threat of Rage Stealer
2024-01-25
From Screen Captures to Crypto wallets: Analyzing the Multi-Faceted Threat of Rage Stealer

EXECUTIVE SUMMARY At CYFIRMA, we are dedicated to providing you with the most up-to-date insights

Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application
2024-01-22
Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application

EXECUTIVE SUMMARY The team at CYFIRMA recently identified a pattern where unknown threat actors utilize

APT QUARTERLY HIGHLIGHTS : Q4 – 2023
2024-01-19
APT QUARTERLY HIGHLIGHTS : Q4 – 2023

EXECUTIVE SUMMARY In the fourth quarter of 2023, Advanced Persistent Threat (APT) groups from diverse

RUSSIAN STEALER LOG AGGREGATOR RELEASES FULLY NATIVE INFOSTEALER
2024-01-17
RUSSIAN STEALER LOG AGGREGATOR RELEASES FULLY NATIVE INFOSTEALER

EXECUTIVE SUMMARY The rise of Ransomware-as-a-Service (RaaS) affiliate programs has led to a surge