Archives: Out of Band

Phishing Analysis
2022-05-25
Phishing Analysis

Phishing Analysis A new phishing campaign by TA578 is uncovered that utilizes thread hijacked emails

Onyx Ransomware Report
2022-05-12
Onyx Ransomware Report

Onyx Ransomware Report Suspected Malware: onyx Ransomware Function: Ransomware Risk Score: 8 Confidence

Phishing Campaign related to Russia-Ukraine Conflict
2022-04-22
Phishing Campaign related to Russia-Ukraine Conflict

A new phishing campaign related to threat actor “Armageddon” was noticed earlier this month. The

Hermetic Wiper Malware Report
2022-04-07
Hermetic Wiper Malware Report

Hermetic Wiper Malware Report Date: 04-April-22 Author: Dilpreet Singh Bajwa (Cyfirma-Malware Research

Doublezero Wiper Malware Report
2022-04-07
Doublezero Wiper Malware Report

Doublezero Wiper Malware Report Date: 04-April-22 Author: Manoj Kumar (Cyfirma-Malware Research Team)

Shadowpad Malware Report
2022-03-08
Shadowpad Malware Report

ShadowPad Malware Report Suspected Malware: ShadowPad Malware Function: Backdoor Risk Score: 8 Confidence

Emerging Cyber Threats in the Ongoing Russia-Ukraine Conflict
2022-02-27
Emerging Cyber Threats in the Ongoing Russia-Ukraine Conflict

Emerging Cyber Threats in the Ongoing Russia-Ukraine Conflict Geopolitical Advisory [10 May 2022,

Tracking DangerousPassword Campaign by Lazarus Group
2022-01-26
Tracking DangerousPassword Campaign by Lazarus Group

Out-of-Band Report – Tracking DangerousPassword Campaign by Lazarus Group   Attack Type:

TimeTime Ransomware Technical Analysis
2022-01-21
TimeTime Ransomware Technical Analysis

Risk Score: 8 Confidence Level: High. Suspected Malware: TimeTime Malware. Function: Ransomware. Threat

Malware Analysis – Supersuso
2022-01-09
Malware Analysis – Supersuso

Supersuso is a ransomware intended to encrypt sensitive data in order to restrict access to it. During

TECHNICAL ANALYSIS – BIGLOCK RANSOMWARE
2021-12-30
TECHNICAL ANALYSIS – BIGLOCK RANSOMWARE

BigLock is a ransomware discovered in 2020 and also known as “corona-lock.” It encrypts

Apache Log4j – Technical Analysis of Critical Remote Code Execution Vulnerability Tracked as CVE-2021-44228
2021-12-15
Apache Log4j – Technical Analysis of Critical Remote Code Execution Vulnerability Tracked as CVE-2021-44228

EXECUTIVE SUMMARY   A critical Remote Code Execution Vulnerability tracked as CVE-2021-44228

TECHNICAL ANALYSIS – Makop Ransomware
2021-12-11
TECHNICAL ANALYSIS – Makop Ransomware

Makop Ransomware Analysis Brief Introduction: Makop ransomware is the latest malware and is trending

KARMA Leak Ransomware Technical Analysis
2021-12-07
KARMA Leak Ransomware Technical Analysis

KARMA Leak Ransomware Technical Analysis   Risk Score: 8 Confidence Level: High Suspected Malware:

Malware Analysis related to APT41 – STEALTHVECTOR
2021-12-01
Malware Analysis related to APT41 – STEALTHVECTOR

Malware Analysis related to APT41 – STEALTHVECTOR Risk Score: 8. Confidence Level: High. Suspected

Blacklisted IP (Gh0st RAT) Analysis
2021-11-23
Blacklisted IP (Gh0st RAT) Analysis

Ongoing analysis of Gh0st RAT Blacklisted IP: 23[.]225.73.110 Risk Score: 10 Confidence Level: High

FormBook Malware Technical Analysis
2021-11-17
FormBook Malware Technical Analysis

Overview Risk Score: 8 Confidence Level: High Suspected Malware: FormBook Malware/Trojan Function:

Malware Research on AtomSilo Ransomware
2021-10-27
Malware Research on AtomSilo Ransomware

Malware Research on AtomSilo Ransomware AtomSilo is a new Ransomware recently seen in September 2021

Kaseya Supply Chain Attacks
2021-08-06
Kaseya Supply Chain Attacks

By CYFIRMA Research First Published on 6 August 2021 EXECUTIVE SUMMARY REvil ransomware has set a

WebKit
2021-08-06
WebKit

By CYFIRMA Research First Published on 6 August 2021 EXECUTIVE SUMMARY Russian threat actors are suspected