CYFIRMA Research

CYFIRMA
  • 0,0 (0)
  • НОВОСТИ ТЕХНОЛОГИЙ
  • ЕЖЕНЕДЕЛЬНО

Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.

  1. -4 ДН.

    CYFIRMA Research: Abuse of Cloud-Native Infrastructure in Modern Phishing Campaigns

    New Research: Trusted Infrastructure Phishing — The Attack That Lives Inside Your Security Stack Most phishing starts outside your perimeter. This one starts inside it. Trusted Infrastructure Phishing (TIP) is a threat class in which every phase of the attack chain — delivery, hosting, execution, authentication, and persistence — operates through legitimate, enterprise-trusted cloud infrastructure rather than attacker-controlled systems. No spoofed domains. No malicious IPs. No suspicious certificates. The attacker sends from Google's servers, hosts Microsoft's storage, authenticates through your identity provider, and persists inside your licensed SaaS environment. The governance gap is the real story. Every organization affected by TIP had licensed the platforms being abused. They had whitelisted the IPs. They had approved the OAuth flows. The gap is not in tooling; it is the assumption that trusted infrastructure cannot be weaponized from within. TIP invalidates that assumption at every stage. If your organization runs Microsoft 365, uses OAuth-integrated SaaS applications, or has invested in cloud productivity platforms — your trusted infrastructure is the attack surface. Link to the Research Report: https://www.cyfirma.com/research/abuse-of-cloud-native-infrastructure-in-modern-phishing-campaigns/ #CyberThreatIntelligence #CTI #CloudSecurity #TIP #TrustedInfrastructurePhishing #IdentitySecurity #OAuth #MicrosoftSecurity #PhishingDefense #MITRE #ATTACKFramework #BlueTeam #ThreatResearch #ZeroTrust #InfoSec #CYFIRMA #CYFIRMAresearch #ExternalThreatLandscapeManagement #ETLM https://www.cyfirma.com/

    8 мин.

  2. 5 МАЯ

    CYFIRMA Research: Malaysia Threat Landscape Report

    Malaysia isn’t just seeing cyber threats - it’s seeing a structured cyber economy take shape. Ransomware groups, data brokers, and access sellers are all operating across the same ecosystem. Manufacturing, government, and service sectors aren’t just targets - they’re data-rich environments with real extortion value. It’s a connected threat landscape: Data breaches feeding underground markets.  Ransomware groups exploiting access for quick monetization. Access brokers enabling repeat intrusions. Different actors. Same pipeline. When access is traded and data is currency, attacks don’t need to be sophisticated - just timely. Malaysia isn’t just being targeted. It’s being systematically monetized. Link to the Research Report: https://www.cyfirma.com/research/malaysia-threat-landscape-report/ #CyberSecurity #ThreatIntelligence #Ransomware #DarkWeb #CyberCrime #OSINT #CYFIRMA #CYFIRMAresearch #ETLM  #ExternalThreatLandscapeManagement https://www.cyfirma.com/

    8 мин.

  3. 4 МАЯ

    CYFIRMA Research: Taiwan Cyber Threat Landscape 2026

    Taiwan Cyber Threat Landscape 2026 Taiwan remains at the forefront of global cyber conflict—driven by its semiconductor dominance, strategic geopolitical position, and deep international partnerships. 🔹 Relentless Pressure: ~2.63M daily cyber intrusion attempts in 2025 (+100% since 2023)  🔹 Primary Threat Actors: PRC-linked APT groups conducting espionage, IP theft, and infrastructure pre-positioning  🔹 Rising Risks: Supply chain attacks, credential theft, ransomware, and disinformation campaigns  🔹 Critical Targets: Semiconductors, government, finance, healthcare, and critical infrastructure ⚠️ Not Just Espionage  Adversaries are embedding long-term access into energy, telecom, and tech sectors—potentially enabling disruption during future crises. 🌐 Geopolitics Matter  U.S.–China rivalry, regional tensions, and even global conflicts are shaping Taiwan’s cyber risk exposure.  Taiwan’s cyber landscape reflects a new reality: continuous competition in the digital domain, where resilience is just as critical as defense. Link to the Research Report: https://www.cyfirma.com/research/cyber-threat-landscape-report-taiwan/ #CyberSecurity #Taiwan #ThreatIntelligence #APT #Ransomware #Geopolitics #InfoSec #CYFIRMA #ETLM #ExternalThreatLandscapeManagement https://www.cyfirma.com/

    9 мин.

  4. 30 АПР.

    CYFIRMA Research: Singapore Threat Landscape

    Singapore’s position as a global financial, technological, and connectivity hub continues to attract sophisticated cyber threats from both state-sponsored actors and financially motivated cybercriminal groups. Key Threat Actors Identified: UNC3886, Mustang Panda, Volt Typhoon, APT41 – China-linked APT groups conducting long-term espionage targeting telecoms, government networks, and high-tech industries. Lazarus Group – North Korea–linked actor targeting fintech platforms, banks, and cryptocurrency ecosystems. Sectors at Highest Risk: Telecommunications | Financial Services | Healthcare | IT Services | Semiconductor & Technology Manufacturing Underground Activity Insights: Dark web monitoring shows sustained trading of Singapore-linked datasets, including identity records, financial account details, and healthcare information , fueling fraud, account takeover, and identity theft campaigns. As geopolitical tensions and digital transformation accelerate, proactive threat intelligence and cross-sector collaboration will be critical to safeguarding Singapore’s digital ecosystem. Link to the Research Report: https://www.cyfirma.com/research/singapore-threat-landscape/ #CyberSecurity #ThreatIntelligence #Singapore #APT #Ransomware  #CyberThreats #DarkWeb #CyberDefense #CYFIRMA #CYFIRMAresearch #ExternalThreatLandscapeManagement #ETLM https://www.cyfirma.com/

    8 мин.

  5. 28 АПР.

    CYFIRMA Research: Philippines Evolving Cyber Threat Landscape 2025-2026

    Stay ahead with CYFIRMA’s Philippines Evolving Cyber Threat Landscape 2025–2026 Report. The Philippines is facing a sharp escalation in AI-driven and automated cyber threats. Q3 2025 recorded over 52 million exposed credentials, while ransomware operations increasingly targeted operational systems across healthcare, BFSI, and critical infrastructure. Identity compromise, vendor access abuse, and supply-chain pathways are now primary intrusion vectors. Geopolitical tensions are further amplifying state-linked APT activity focused on persistence and pre-positioning inside sensitive networks. As digital adoption accelerates, Zero Trust, identity threat detection, and unified threat visibility are becoming essential to safeguarding national resilience and public trust. Link to the Research Report: https://www.cyfirma.com/research/philippines-evolving-cyber-threat-landscape-2025-2026/ #CyberSecurity #ThreatIntel #Philippines #Ransomware #APT #ZeroTrust   #DigitalRisk #CYFIRMA #ETLM #ExternalThreatLandscapeManagement https://www.cyfirma.com/

    3 мин.

  6. 27 АПР.

    CYFIRMA Research: KYCShadow: An Android Banking Malware Exploiting Fake KYC Workflows for Credential and OTP Theft

    KYCShadow: Mobile Threat Alert – Android Banking Malware Campaign CYFIRMA Research has identified a sophisticated Android malware campaign distributed via WhatsApp, impersonating Bank KYC and e-Challan services to compromise financial users at scale. The campaign demonstrates structured backend operations and infrastructure reuse (e.g., jsonapi[.]biz), indicating a coordinated and evolving fraud ecosystem. Notably, phishing interfaces reuse “eChallan” themes, reflecting cross-campaign adaptation techniques. Link to the Research Report: https://www.cyfirma.com/research/kycshadow-an-android-banking-malware-exploiting-fake-kyc-workflows-for-credential-and-otp-theft/ #ThreatIntelligence #AndroidMalware #BankingFraud #CyberSecurity #MobileThreats #MalwareAnalysis #ThreatResearch #CYFIRMA #CYFIRMAresearch https://www.cyfirma.com/

    5 мин.

  7. 22 АПР.

    CYFIRMA Research: Operation PhantomCLR- Stealth Execution via AppDomain Hijacking and In-Memory .NET Abuse

    Operation PhantomCLR Our latest research uncovers a highly sophisticated post-exploitation framework that represents a significant shift in modern attacker tradecraft. The campaign leverages .NET AppDomainManager hijacking to abuse a legitimate, digitally signed Intel binary (IAStorHelp.exe), transforming it into a stealthy execution container without modifying the original file.  This allows malicious code to execute within a trusted environment, effectively bypassing traditional EDR and antivirus defenses. The framework operates entirely in memory, combining advanced techniques, such as JIT-based shellcode execution, reflective DLL loading, and direct syscall usage, to evade detection while maintaining operational stealth. Link to the Research Report: https://www.cyfirma.com/research/operation-phantomclr-stealth-execution-via-appdomain-hijacking-and-in-memory-net-abuse/ #ThreatIntelligence #MalwareAnalysis #CyberSecurity #APT #ThreatHunting #MemoryForensics #CYFIRMA #CYFIRMAResearch #ETLM  #ExternalThreatLandscapeManagement https://www.cyfirma.com/

    8 мин.

  8. 21 АПР.

    CYFIRMA Research: Silent Crypto Wallet Takeover- Unlimited USDT Approval Exploitation via Trust Wallet QR Code Phishing

    CYFIRMA Research has identified an active crypto drainer campaign targeting Trust Wallet users through QR code phishing distributed via Telegram channels. The attack leverages deep link abuse and deceptive transaction flows to gain persistent access to victim funds. This campaign highlights a shift toward user-authorized exploitation, where no wallet vulnerability is required. By abusing standard Web3 workflows, attackers gain persistent and unrestricted access to victim wallets, enabling delayed or automated fund exfiltration. This activity underscores the rapid evolution of Drainer-as-a-Service ecosystems, combining social engineering, automation, and low-cost blockchain operations to scale financial theft. Link to the Research Report: https://www.cyfirma.com/research/silent-crypto-wallet-takeover-unlimited-usdt-approval-exploitation-via-trust-wallet-qr-code-phishing/ #ThreatIntelligence #CryptoSecurity #Web3 #Phishing  #BlockchainSecurity #CyberSecurity #MalwareAnalysis #CYFIRMA #CyfirmaResearch https://www.cyfirma.com/

    5 мин.
См. все (305)

Об этом подкасте

Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.

Информация

  • Автор
    CYFIRMA
  • Годы выхода
    2023 - 2026
  • Выпуски
    305
  • Ограничения
    Без ненормативной лексики
  • Авторские права
    © 2026 CYFIRMA Research
  • Сайт подкаста
    CYFIRMA Research