CYFIRMA Research CYFIRMA
-
- News
Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
-
CYFIRMA Research - The Indian Election: The Grandest Spectacle of Democracy under AI Threat
India's Lok Sabha Elections 2024 hold immense significance, not only for the nation but also for the global democratic landscape. The scale and complexity of the electoral process make it susceptible to cyberattacks, especially with the proliferation of generative AI and deepfake technologies. Link to the Research Report: The Indian Election: The Grandest Spectacle of Democracy under AI Threat - CYFIRMA #Geopolitics #Cyfirmaresearch #ThreatIntelligence #cybersecurity #ETLM&...
-
CYFIRMA Research - TRACKING RANSOMWARE : APRIL 2024
Stay informed about the latest developments in cybersecurity with CYFIRMA's April 2024 Ransomware Report. This edition highlights a shift in the ransomware landscape, with Hunter group now dominating while LockBit's influence declined. The manufacturing sector emerges as a prime target globally, with the USA, Canada, the UK, Germany, and Brazil experiencing significant impacts. The report underscores the evolving tactics of ransomware groups, including rebranding efforts by HelloKitty and the ...
-
CYFIRMA Research - New Pakistan-based Cyber Espionage Group’s Year-Long Campaign Targeting Indian Defense Forces with Android Malware
CYFIRMA’s Research team embarked on a mission to uncover a targeted attack on Indian defense personnel via WhatsApp Messenger. Suspected to originate from Pakistan, the threat actor deployed malicious Android apps disguised as "MNS NH Contact" and "Posted out off," aiming to gain unauthorized access to sensitive information. Our investigation revealed the use of sophisticated social engineering tactics, with malicious apps designed to exploit vulnerabilities and evade detection. Notably, the a...
-
CYFIRMA Research - Emerging Security Threats: Analysis of CVE-2024-3400
Palo Alto Networks has uncovered CVE-2024-3400, a critical vulnerability exploited by threat actor 'UTA0218' in a sophisticated two-stage attack. This flaw allows unauthorized command execution on vulnerable PAN-OS devices via a backdoor mechanism. Adding to the urgency, CISA has promptly listed CVE-2024-3400 in its Known Exploited Vulnerabilities catalogue. The risk of data breaches is high, with reports of sensitive data for sale on underground forums. Stay vigilant and safeguard your digital...
-
CYFIRMA Research - Obfuscated Batch Script’s Journey to Monero Mining
At CYFIRMA, we provide timely insights into prevalent threats and malicious tactics affecting organizations and individuals. Our research team has identified an open directory listing URLs containing highly obfuscated malicious Windows batch scripts in the wild, which execute a stealthy Monero (XMR) crypto miner as the final payload. This payload is unfolded after 5 stages of unpacking, with capabilities such as anti-analysis/debugging, privilege escalation, defense evasion, stealth executi...
-
CYFIRMA Research - Fletchen Stealer: An Information Stealer with Sophisticated Anti-Analysis Measures
The CYFIRMA research team discovered a new information stealer named Fletchen Stealer. It is a sophisticated information-stealing malware, offered by its creator for free as stealer-as-a-service, that poses a significant threat to cybersecurity. Written in Rust, it boasts advanced anti-analysis capabilities and exhibits a high degree of resilience against detection and analysis. Its primary function is to steal sensitive data from compromised systems, including passwords, financial ...