Archives: Out of Band

FIN11 is Back : Impersonates Popular Video Conference Application
2022-09-21

FIN11 is Back : Impersonates Popular Video Conference Application CYFIRMA research team has observed

Cyber Research on the Malicious Use of Discord
2022-09-07

Executive Summary CYFIRMA Research team has uncovered threat actors who have been abusing the Discord

HTML smuggling: A Stealthier Approach to Deliver Malware
2022-09-01

HTML smuggling: A Stealthier Approach to Deliver Malware HTML smuggling is a highly evasive technique

CosmicDuke Malware Analysis
2022-08-29

CosmicDuke Malware Analysis Report Executive Summary One of the campaigns Cyfirma researchers observed

Thousands of Hikvision Cameras are still vulnerable and can be potentially exploited
2022-08-21

Introduction CYFIRMA researchers have observed, as per the sample analysed, thousands of Hikvision

AsyncRAT and MrAnonymous Backdoor Report
2022-07-21

AsyncRAT and MrAnonymous Backdoor Report Date: 14-July-22 Suspected Malware: AsyncRAT Function: Malware

NukeSped RAT Report
2022-07-13

NukeSped RAT Report Suspected Malware: NukeSped Malware Function: RAT Risk Score: 8 Confidence Level:

The Origins of APT 41 and ShadowPad Lineage
2022-07-13

Introduction When the CYFIRMA research team began its work on tracking APT41, it became apparent that

Matanbuchus Loader Report
2022-07-05

Matanbuchus Loader Report Date: 29-June-22 Author: Manoj Kumar (CYFIRMA-Malware Research Team) Suspected

AvosLocker Ransomware Report
2022-07-05

AvosLocker Ransomware Report Suspected Malware: AvosLocker Malware Function: Ransomware Risk Score:

TA505 Recent Trends Report 10-06-2021
2022-06-14

Threat Actor Profile Threat Actor: TA505 Alias: ATK 103, Chimborazo, Evil Corp, Gold Evergreen, Gold

Phishing Sample Analysis 10-06-2021
2022-06-10

Phishing Sample Analysis MD5 : 140F716E974CD7483EEAA380A9C4FD82 SHA1 : 4D5B17CA34D8D15FBAE65AB637919E13E72A3476

MISSION2025 Recent Trends Report 31-05-2021
2022-06-01

Recently Observed Campaigns The following list contains recent campaigns observed by CYFIRMA Threat

Yashma Ransomware Report
2022-05-31

Yashma Ransomware Report Executive Summary: Yashma is a new ransomware seen in the wild since May

IOC Analysis of Russian Cyber threat actors Nobelium and Wizard Spider – CYFIRMA
2022-05-25

IOC Analysis of Russian threat actors Nobelium and Wizard Spider The Russian threat actors have been

Lazarus Group Recent Trends
2022-05-25

Lazarus Group Recent Trends Recently Observed Campaigns The following list contains recent campaigns

Phishing Analysis
2022-05-25

Phishing Analysis A new phishing campaign by TA578 is uncovered that utilizes thread hijacked emails

Onyx Ransomware Report
2022-05-12

Onyx Ransomware Report Suspected Malware: onyx Ransomware Function: Ransomware Risk Score: 8 Confidence

Phishing Campaign related to Russia-Ukraine Conflict
2022-04-22

A new phishing campaign related to threat actor “Armageddon” was noticed earlier this month. The

Hermetic Wiper Malware Report
2022-04-07

Hermetic Wiper Malware Report Date: 04-April-22 Author: Dilpreet Singh Bajwa (Cyfirma-Malware Research