Archives: Out of Band

2023-02-24

EXFILTRATOR-22 – An Emerging Post-Exploitation Framework

Executive Summary The CYFIRMA Research team has provided a preliminary analysis of a new post- exploitation

2023-02-17

Most exploited critical vulnerabilities and zero days trend in 2022

Introduction Vulnerabilities are a critical component of cyber-attacks, providing attackers with an

2023-02-10

APT Bahamut Attacks Indian Intelligence Operative using Android Malware

Executive Summary In November 2022, CYFIRMA detected a cyber-attack on an intelligence operative in

2023-02-03

Tense China-Taiwan Relations

Learning Lessons And From Russia’s War On Ukraine, ETLM Takeaways Introduction Over the last few

2023-01-23

GuLoader Deploying Remcos RAT

Executive Summary Research team at CYFIRMA recently discovered a malicious PDF file being distributed

2023-01-21

ChatGPT AI in Security Testing: Opportunities and Challenges

Executive Summary ChatGPT, an advanced language model developed by OpenAI, has the potential to revolutionize

2023-01-14

VagusRAT: A New Entrant in the External Threat Landscape

Executive Summary Recently, researchers noticed various campaigns abusing Google Ads platform to deliver

2023-01-06

Lessons from Russia’s cyber-war in Ukraine

Lessons from Russia’s cyber-war in Ukraine In February of the last year just as Russian tanks started

2022-12-30

VPS Exploitation by Threat Actors

What About VPS A virtual private server (VPS) hosting offers a similar experience to dedicated hosting

2022-12-23

ChatGPT AI Cybersecurity Potential

Executive Summary In recent weeks ChatGPT by OpenAI started making waves around the world for its

2022-12-15

Multiple Campaigns by Russian Speaking Threat Groups Expanding their Attack Footprint

Executive Summary CYFIRMA Research Team has been tracking three campaigns – Evian, UNC064, and

2022-12-09

Inside the World of Initial Access Broker (IAB): Insights and Trends

Inside the World of Initial Access Broker (IAB): Insights and Trends Initial Access Brokers (IABs)

2022-12-05

Privateering Cyber Report

Introduction The rise of the use of cyber criminals for privateering is a growing concern for organizations

2022-11-25

Windows Internet Key Exchange (IKE) Remote Code Execution Vulnerability Analysis

Windows Internet Key Exchange (IKE) Remote Code Execution Vulnerability Analysis (CVE-2022-34721)

2022-11-16

From North Korean Phishing to Underground Online Hosting Services

From North Korean Phishing to Underground Online Hosting Services Executive Summary During CYFIRMA’s

2022-11-10

Prestige Ransomware Analysis

Prestige Ransomware Analysis Executive Summary CYFIRMA Research team has seen an uptick in threat

2022-11-07

Unknown Nation-Based Threat Actor Using Android RAT to Target Indian Defence Personnel

Executive Summary The CYFIRMA research team recently detected a malicious android APK targeting Indian

2022-10-31

Phishing Attacks Leverage Deceptive Website Builders to Target AT&T Users

Executive Summary The CYFIRMA research team observed threat actors using free website builders to

2022-10-27

Fortinet Authentication Bypass Vulnerability Analysis – CYFIRMA

Fortinet Authentication Bypass Vulnerability Exploited by Threat Actors EXECUTIVE SUMMARY A critical

2022-10-14

Infostealer Prynt Malware a Deep Dive into Its Process Injection Technique

Infostealer Prynt Malware a Deep Dive into Its Process Injection Technique EXECUTIVE SUMMARY CYFIRMA