Archives: Out of Band

Research Report : Zero Day Shop
2023-06-24

EXECUTIVE SUMMARY The CYFIRMA research team has identified a new marketplace run by unknown threat

Typosquatting Unmasked : Exposing the Threats of Misplaced Keystrokes
2023-06-22

EXECUTIVE SUMMARY At Cyfirma, our mission is to keep you informed about the latest and common prevailing

DoNot APT Elevates its Tactics by Deploying Malicious Android Apps on Google Play Store
2023-06-16

EXECUTIVE SUMMARY The team at CYFIRMA recently obtained suspicious Android apps hosted on the Google

Mystic Stealer – Evolving “stealth” Malware
2023-06-15

EXECUTIVE SUMMARY Information stealers pose an ongoing and dynamic threat to the security of both

Unveiling DeltaBoys : Interview about their Past and Motivation.
2023-06-09

INTRODUCTION Recently CYFIRMA published a report on the new threat actor group DeltaBoys. In a follow-up,

Unveiling an Authenticated Stored Cross-Site Scripting Zero-Day Vulnerability in PowerPress Plugin 10.2.3 and Earlier
2023-06-07

EXECUTIVE SUMMARY This research report examines a security vulnerability discovered in the Blubrry

G7 Summit Assessment Report – Strong Symbolism, Military Commitments and Relations with China
2023-06-02

EXECUTIVE SUMMARY The Group of Seven (G7) singled out China on issues including Taiwan; non-market

DeltaBoys : Black Hats On The Rise
2023-05-28

EXECUTIVE SUMMARY CYFIRMA research team has identified a new threat actor group on the rise with the

The Meaning of ETLM for the Coming Ukrainian Offensive
2023-05-22

EXECUTIVE SUMMARY A year and a half into the Russian war in Ukraine, the defending Ukrainians are now reconstituting

Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups
2023-05-12

INTRODUCTION KILLNET is a prominent pro-Russian ‘hacktivist’ group that has been operating actively

Exploiting the PowerPress 10.0 Stored Cross-Site Scripting Vulnerability (CVE-2023-1917)
2023-05-06

EXECUTIVE SUMMARY The PowerPress plugin, which allows WordPress users to publish and manage podcasts,

Breaking the Barrier: The Impact of Unauthorized Access to Powerful AI Language Models like ChatGPT
2023-04-28

EXECUTIVE SUMMARY OpenAI has recently launched new plugins for ChatGPT, which is a language model

DoNot APT Targets Individuals in South Asia using Android Malware
2023-04-14

EXECUTIVE SUMMARY Recently CYFIRMA observed a cyber-attack on an individual residing in Kashmir, India.

SarinLocker Ransomware
2023-04-10

EXECUTIVE SUMMARY Research team at CYFIRMA has recently identified and published a report on a new

ARES Leaks – Emerging Cyber Crime Cartel
2023-04-07

INTRODUCTION As part of CYFIRMA Research team’s continuous external threat landscape monitoring

The Rise of FusionCore An Emerging Cybercrime Group from Europe
2023-04-03

EXECUTIVE SUMMARY The CYFIRMA research team has identified a new up-and-coming European threat actor

Exploiting the Quiz and Survey Master 8.0.8 CSRF Vulnerability (CVE-2023-0292)
2023-03-25

EXECUTIVE SUMMARY The cross-site request forgery (CSRF) vulnerability discovered in WordPress Quiz

ALC SCAREWARE PRETENDS TO BE A RANSOMWARE
2023-03-20

EXECUTIVE SUMMARY Research team at CYFIRMA recently discovered a malicious sample in the wild which pretends

Japanese Security Posture Amid Changes In The Region
2023-03-03

Introduction China’s assertive behaviour in the Indo Pacific region and the threat of Taiwan invasion

EXFILTRATOR-22 – An Emerging Post-Exploitation Framework
2023-02-24

Executive Summary The CYFIRMA Research team has provided a preliminary analysis of a new post-exploitation