Archives: Out of Band

2022-10-31

Phishing Attacks Leverage Deceptive Website Builders to Target AT&T Users

Executive Summary The CYFIRMA research team observed threat actors using free website builders to

2022-10-27

Fortinet Authentication Bypass Vulnerability Analysis – CYFIRMA

Fortinet Authentication Bypass Vulnerability Exploited by Threat Actors EXECUTIVE SUMMARY A critical

2022-10-14

Infostealer Prynt Malware a Deep Dive into Its Process Injection Technique

Infostealer Prynt Malware a Deep Dive into Its Process Injection Technique EXECUTIVE SUMMARY CYFIRMA

2022-10-04

Advanced Social Engineering Attacks Deconstructed

EXECUTIVE SUMMARY The team at CYFIRMA has analyzed and researched social engineering attacks in depth.

2022-09-28

Thousands of TP-Link Routers Vulnerable, Can be Exploited by Multiple Hackers

Thousands of TP-Link Routers Vulnerable, Can be Exploited by Multiple Hackers EXECUTIVE SUMMARY As

2022-09-25

Erbium Stealer Malware Report

Erbium Stealer Malware Report Executive Summary The Erbium malware is an information-stealer/ info

2022-09-21

FIN11 is Back : Impersonates Popular Video Conference Application

FIN11 is Back : Impersonates Popular Video Conference Application CYFIRMA research team has observed

2022-09-07

Cyber Research on the Malicious Use of Discord

Executive Summary CYFIRMA Research team has uncovered threat actors who have been abusing the Discord

2022-09-01

HTML smuggling: A Stealthier Approach to Deliver Malware

HTML smuggling: A Stealthier Approach to Deliver Malware HTML smuggling is a highly evasive technique

2022-08-29

CosmicDuke Malware Analysis

CosmicDuke Malware Analysis Report Executive Summary One of the campaigns Cyfirma researchers observed

2022-08-21

Thousands of Hikvision Cameras are still vulnerable and can be potentially exploited

Introduction CYFIRMA researchers have observed, as per the sample analysed, thousands of Hikvision

2022-07-21

AsyncRAT and MrAnonymous Backdoor Report

AsyncRAT and MrAnonymous Backdoor Report Date: 14-July-22 Suspected Malware: AsyncRAT Function: Malware

2022-07-13

NukeSped RAT Report

NukeSped RAT Report Suspected Malware: NukeSped Malware Function: RAT Risk Score: 8 Confidence Level:

2022-07-13

The Origins of APT 41 and ShadowPad Lineage

Introduction When the CYFIRMA research team began its work on tracking APT41, it became apparent that

2022-07-05

Matanbuchus Loader Report

Matanbuchus Loader Report Date: 29-June-22 Author: Manoj Kumar (CYFIRMA-Malware Research Team) Suspected

2022-07-05

AvosLocker Ransomware Report

AvosLocker Ransomware Report Suspected Malware: AvosLocker Malware Function: Ransomware Risk Score:

2022-06-14

TA505 Recent Trends Report 10-06-2021

Threat Actor Profile Threat Actor: TA505 Alias: ATK 103, Chimborazo, Evil Corp, Gold Evergreen, Gold

2022-06-10

Phishing Sample Analysis 10-06-2021

Phishing Sample Analysis MD5 : 140F716E974CD7483EEAA380A9C4FD82 SHA1 : 4D5B17CA34D8D15FBAE65AB637919E13E72A3476

2022-06-01

MISSION2025 Recent Trends Report 31-05-2021

Recently Observed Campaigns The following list contains recent campaigns observed by CYFIRMA Threat

2022-05-31

Yashma Ransomware Report

Yashma Ransomware Report Executive Summary: Yashma is a new ransomware seen in the wild since May