CYFIRMA Research
Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
CYFIRMA Research
CYFIRMA Research- Tracking Ransomware: September 2025
CYFIRMA’s Sept 2025 Ransomware Report highlights major evolutions across the ransomware landscape. Akira advanced by bypassing MFA on SonicWall VPNs through OTP seed theft, signalling a move beyond patchable flaws. MalTerminal broke new ground with AI-powered, runtime-generated ransomware payloads, while Scattered Spider reemerged to target financial workflows via AI-driven vishing and VMware ESXi exploits. CountLoader reinforced Russia’s ecosystem with modular, multi-language loaders distributing Cobalt Strike, AdaptixC2, and PureHVNC. HybridPetya escalated the threat to firmware-level extortion, exploiting Secure Boot (CVE-2024-7344) and encrypting the MFT at pre-boot for near-irrecoverable persistence.
Link to the Research Report: https://www.cyfirma.com/research/tracking-ransomware-september-2025/
#CyberSecurity #Ransomware #ThreatIntel #ETLM #CYFIRMA #Akira #MalTerminal #ScatteredSpider #CountLoader #HybridPetya #AIThreats #CYFIRMAresearch #ExternalThreatLandscapeManagement #ETLM
https://www.cyfirma.com/