CYFIRMA Research
Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
Episodes
172 episodes
CYFIRMA Research- Decoding Cyberattacks on Morocco
Cyberattacks Hit Morocco: A Wake-Up Call for Cybersecurity! Morocco has been hit with a series of cyberattacks from groups like Anonymous Algeria and EvilBbyte, with motives rooted in the long-standing dispute over the Western Saha...
5:16
CYFIRMA Research- Investigation into Helldown Ransomware
Helldown ransomware is spreading fast, targeting key industries like Real Estate, IT, Manufacturing, and Healthcare. The ransomware targets both Windows and Linux systems, exploits known vulnerabilities, and encrypts files. First spotted...
4:55
CYFIRMA Research: Hexon Stealer
Hexon Stealer is a variant of Stealit Stealer, which itself is derived from Fewer Stealer. Rebranding and code reuse are common practices among malware developers. Stealer devs often create Telegram or Signal channels to market their stealers, ...
5:57
CYFIRMA Research: CVE-2024-9264: A Critical Vulnerability in Grafana- Vulnerability Analysis and Exploitation
The CYFIRMA Research team provides insights into a severe flaw in Grafana (versions <11.0.5, 11.1.6, 11.2.1), which allows low-privilege users to execute arbitrary commands, risking sensitive data exposure and system compromise. Threat actor...
3:38
CYFIRMA Research- ELPACO-team Ransomware: A New Variant of the MIMIC Ransomware Family
Our latest research has uncovered “Elpaco-team” ransomware, a new variant of the well-known Mimic ransomware. Elpaco employs similar tactics, primarily targeting Windows-based systems and leveraging legitimate tools. Once inside, Elpaco encrypt...
4:50
CYFIRMA Research- Black Basta Ransomware Group
Stay vigilant against Black Basta’s sophisticated ransomware tactics! In our latest analysis, Black Basta continues to be a leading threat in the cyber landscape, targeting industries, such as healthcare, finance, and manufacturing. Known for e...
4:16
CYFIRMA Research- TRACKING RANSOMWARE : OCTOBER 2024
Stay ahead of cybersecurity trends with CYFIRMA's October 2024 Ransomware Report! This month saw a 42.78% increase in ransomware, led by groups like RansomHub, and new threats emerging, such as Hellcat and Playboy. Manufacturing and Healthcare ...
5:27
CYFIRMA Research- Wish Stealer
CYFIRMA’s research team has uncovered a new strain of malware known as "Wish Stealer," a sophisticated Node.js-based program targeting Windows users. This malware is designed to steal sensitive information from popular platforms like Discord, v...
7:13
CYFIRMA Research: SpyNote: Unmasking a Sophisticated Android Malware
A recently discovered variant of the SpyNote Remote Access Trojan (RAT) is posing as "Avast Mobile Security for Android." Upon installation, it gains extensive control over your device, silently granting itself permissions and displaying fake s...
4:42
CYFIRMA Research: Quishing- The New Age Threat in Digital Fraud
Quishing, a dangerous combination of QR codes and phishing, is emerging as a significant threat that can lead to unauthorized access to sensitive information. Cybercriminals exploit the increasing prevalence of QR codes to trick users into scan...
4:53
CYFIRMA Research: G700- The Next Generation of Craxs RAT
CYFIRMA's latest research highlights the G700 RAT, a potent malware targeting Android devices, especially in the cryptocurrency and finance sectors. With advanced techniques like privilege escalation, SMS hijacking, and phishing injection, G700...
8:02
CYFIRMA Research: CVE-2024-7479 and CVE-2024-7481- Privilege Escalation - Vulnerability Analysis and Exploitation
Critical Alert: Organizations using TeamViewer's Remote Client and Remote Host products on Windows must act now! CVE-2024-7479 and CVE-2024-7481 present a severe risk of privilege escalation. With millions of users potentially affected g...
3:03
CYFIRMA Research- APT Quarterly Highlights- Q3 2024
Our Q3 2024 APT Quarterly Highlights Report reveals intensified cyber activities from APT groups in Iran, Russia, China, and North Korea, indicating heightened espionage efforts. Iran’s MuddyWater and APT34 leveraged custom malware like BugSlee...
5:11
CYFIRMA Research- CVE-2024-7593 Vulnerability in Ivanti Virtual Traffic Manager: Vulnerability Analysis and Exploitation
Ivanti Virtual Traffic Manager (vTM) users – A critical authentication bypass flaw (CVSS 9.8) is now being actively exploited! This vulnerability allows unauthenticated attackers to gain admin control over your systems. Patch now to prevent una...
3:54
CYFIRMA Research- Data Breach Investigation on Cisco
CYFIRMA's investigation uncovered a major data breach at Cisco, led by the notorious threat actor IntelBroker. On October 14, 2024, IntelBroker posted on BreachForum, revealing that critical data such as source code, hard-coded credentials, SSL...
6:57
CYFIRMA Research: The Will of D- A Deep Dive into Divulge Stealer, Dedsec Stealer, and Duck Stealer
The proliferation of stealers, particularly those masquerading as open-source projects, poses significant risks to users. With capabilities to steal sensitive information, such as passwords, cryptocurrency wallets, and browser data, these malwa...
5:42
CYFIRMA Research- World on the Brink: War in The Middle East Threatens to Enter a New Destructive Phase
The Israeli invasion of Lebanon began with the declared goal to remove Hezbollah's military infrastructure from the south of the country so that Israelis living in northern Israel could return to their homes, from which they have been driven by...
5:15
CYFIRMA Research: Tracking Ransomware- September 2024
Stay ahead of cybersecurity trends with CYFIRMA's September 2024 Ransomware Report. This month’s analysis highlights significant shifts among top ransomware groups like Medusa, which saw a 525% surge in victims, while others like RansomHub and ...
5:32
CYFIRMA Research- iTunes Local Privilege Escalation (CVE-2024-44193) Vulnerability Analysis and Exploitation
Immediate action is required for all organizations using iTunes for Windows! CVE-2024-44193 is a critical local privilege escalation vulnerability that could lead to unauthorized system access. Attackers exploit misconfigured permissions in the...
3:59
CYFIRMA Research- The Yunit Stealer
Our latest research dives deep into Yunit Stealer, a sophisticated malware designed to steal sensitive data, such as credentials, cookies, and cryptocurrency wallets. This malware employs advanced evasion techniques, including obfuscation and p...
5:53
CYFIRMA Research- Vilsa Stealer
A new malware threat, Vilsa Stealer, has surfaced. Discovered on GitHub, this malware is designed to quietly steal your most sensitive information, everything from browser passwords to cryptocurrency wallets and even Discord credentials. What m...
7:10
CYFIRMA Research: OSINT Investigation- Hunting Malicious Infrastructure Linked to Transparent Tribe
CYFIRMA's latest report delves into a crucial investigation targeting the malicious infrastructure linked to the APT group "Transparent Tribe." Employing open-source intelligence (OSINT), we thoroughly tracked the command-and-control (C2) serve...
5:19
CYFIRMA Research- Iran steps up Efforts in U.S. Election Meddling
As the U.S. presidential election in November approaches and the campaigns of former President Trump and Vice President Harris ramp up, hackers from Washington's adversaries are intensifying their efforts to disrupt or influence voting. Among t...
6:57
CYFIRMA Research- CVE 2024-38856 – Pre-authentication Remote Code Execution (RCE) – Vulnerability Analysis and Exploitation
Critical Alert: Organizations using Apache OFBiz must act now! CVE-2024-38856 presents a severe risk of remote code execution. With millions of users potentially affected globally, immediate action is crucial. This flaw allow...
2:54
CYFIRMA Research: Gomorrah Stealer v5.1: An In-Depth Analysis of a .NET-Based Malware
The CYFIRMA research team has examined a variant of the Gomorrah stealer malware, a .NET-based malware that targets a range of sensitive data on infected systems. This report provides a comprehensive analysis of its operational methods and evas...
3:21