CYFIRMA
CYFIRMA Research
Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
Wo hören?
Podcasts in der App Replaio Radio Bald verfügbarPodcasts kommen bald in die App. Installiere sie jetzt und erlebe als Erster einen ganz neuen Blick auf Podcasts
Folgen
CYFIRMA Research: AI-Powered Bot Attacks Against E-Commerce in India 07.07.2026 3:29
Artificial intelligence is reshaping the cyber threat landscape, and e-commerce platforms are increasingly becoming prime targets for AI-powered bot attacks. Unlike traditional bots, these advanced automated tools can mimic legitimate user behaviour, adapt to security controls, and execute large-scale attacks with greater speed and precision. From credential stuffing and account takeover to invent...
CYFIRMA Research: Converging Threat Vectors: Escalating Cyber Risk and Strategic Exposure in Saudi Arabia’s Digital Ecosystem (2025–2026) 06.07.2026 8:21
Saudi Arabia’s digital ecosystem is facing a convergence of escalating cyber risks. Our latest threat landscape assessment highlights: 🔹 Intensified state-aligned espionage targeting Saudi Arabia 🔹 Ransomware operational maturity with multi-vector intrusion models 🔹 AI-enabled phishing increasing credential harvesting success rates 🔹 Rising dark web exposure of Saudi-linked datasets and ac...
CYFIRMA Research: Hong Kong Cyber Threat Landscape 02.07.2026 7:00
Hong Kong Cyber Threat Landscape 2025–26 CYFIRMA's latest intelligence assessment reveals a sharp rise in ransomware, state-aligned espionage, cloud abuse, and data-theft operations targeting Hong Kong. Ransomware groups like RansomHouse, Cl0p, Sinobi, and advanced APTs such as Salt Typhoon, Lotus Panda, PlushDaemon, APT41, and Tropic Trooper continue to drive high-impact activity across fina...
CYFIRMA Research: An Income Tax Assessment Notice Phishing Campaign Delivering Malware 25.06.2026 6:30
Fake Income Tax Notice Delivers RAT Malware CYFIRMA has identified a sophisticated malware distribution campaign leveraging a fraudulent Indian Income Tax Department assessment notice to infect users with a Remote Access Trojan (RAT)-like payload. The campaign uses a convincing tax-themed lure hosted on a malicious domain to impersonate legitimate government communications, tricking victims into d...
CYFIRMA Research: Microsoft Teams-Themed Remote Access Phishing Campaign 23.06.2026 6:20
An active phishing campaign is leveraging Microsoft Teams-themed lures to distribute legitimate remote access software configured for unauthorized access. The campaign highlights a growing trend in cybercrime operations: leveraging trusted platforms, legitimate software, and reputable hosting providers to bypass conventional security controls. As threat actors continue shifting toward legitimate...
CYFIRMA Research: Exploitation of Model Context Protocol in Agentic AI Deployments 22.06.2026 8:01
CYFIRMA's latest research documents how adversaries are exploiting the Model Context Protocol, the integration standard now embedded in Claude, Copilot, Cursor, VS Code, and hundreds of enterprise AI platforms, to turn AI agents into autonomous attack infrastructure. If your organization has deployed MCP-connected agents in production, the decisions this report describes are available now. #T...
CYFIRMA Research: New NPM Supply Chain Campaign Identified- A Multi-Stage Cryptocurrency Malware with More Than 2.7 million Downloads 19.06.2026 6:40
Alert : Major NPM Supply Chain Attack Exposed: 2.7M+ Downloads Impacted CYFIRMA Researchers identified 11 malicious npm packages targeting blockchain and Web3 developers, highlighting the growing risks within the open-source software supply chain. The attack demonstrates how a single typo or unverified dependency can introduce malicious code into development workflows. As Web3 adoption grows, soft...
CYFIRMA Research: Cyber Threats Surrounding the FIFA World Cup 2026 18.06.2026 8:18
48 teams 3 host nations. Billions of viewers And a cyber-attack surface unlike anything seen before. As global anticipation for the FIFA World Cup 2026 grows, so does cybercriminal interest. Our assessment identified FIFA-themed phishing domains, fraudulent ticketing infrastructure, and malicious streaming platforms already leveraging tournament branding. Looking ahead, organizations should prepar...
CYFIRMA Research: Tracking Ransomware- May 2026 16.06.2026 7:23
CYFIRMA Healthcare Industry Report | Q2 2026 | Overall industry risk: 6.9 / 10 - ELEVATED 90 days of telemetry. 5 threat categories. Here is what the numbers say about the healthcare sector this quarter. Ransomware across the period: 216 victims across 42 countries, up 8.5% from 199 last quarter, with 50 of 81 active gangs recording healthcare targets (62% participation, the highest rate observed...
CYFIRMA Research: Operation TaxShadow- Multi-Region Tax Phishing & In-Memory Malware Campaign 08.06.2026 7:03
Threat Research: Operation Tax Shadow Explore CYFIRMA's latest report regarding a tax-themed phishing campaign impersonating government tax authorities across multiple countries. • Multi-stage malware delivery via ZIP archive • DLL Search Order Hijacking for stealthy execution • API Hooking and Access Token Manipulation • COM Callback-based code execution to evade monitoring • Modified RC...
CYFIRMA Research: Kenya Cyber Threat Landscape 05.06.2026 7:52
Kenya’s cyber threat landscape is intensifying. The latest CYFIRMA report reveals a surge in ransomware activity, credential leaks, dark web data trading, website defacements, and attacks targeting government, finance, telecom, and critical infrastructure sectors throughout 2025–2026. From ransomware groups like Qilin and RansomHub to large-scale underground credential sales and AI-driven phishing...
CYFIRMA Research: CVE-2026-34197- Jolokia Exposure Enables RCE in Apache ActiveMQ 03.06.2026 6:09
The CYFIRMA Research team has identified key security insights related to CVE-2026-34197, a high-severity remote code execution vulnerability affecting Apache ActiveMQ Classic deployments. The vulnerability arises from exposure of the Jolokia JMX-HTTP bridge, which allows authenticated attackers to invoke privileged broker management operations and abuse the addNetworkConnector() functionality to...
CYFIRMA Research: China Threat Landscape 02.06.2026 9:19
China’s cyber threat landscape is evolving faster than ever — and the implications go far beyond its borders. Our latest threat intelligence report 2025 – 2026 highlights a convergence of ransomware, state-sponsored espionage, and systemic infrastructure risk that organizations cannot afford to ignore. From hyper-targeted phishing to faster vulnerability exploitation, AI is increasing both the spe...
CYFIRMA Research: Weaponization of Indian Student Data- An Ecosystem for Phishing, Social Engineering, and Financial Fraud 22.05.2026 3:38
The increasing digitalization of India’s education sector has created a growing attack surface for cybercriminals targeting student-related data. Our latest threat intelligence assessment explores how exposed or misused student information is being leveraged for phishing, social engineering, impersonation, credential theft, and financial fraud. The report highlights multiple observed cases involv...
CYFIRMA Research: South Korea Threat Landscape Report 20.05.2026 9:03
South Korea isn't just facing high-frequency cyberattacks, it’s navigating a highly professionalized exploitation pipeline. Regional APTs, RaaS affiliates, and initial access brokers aren't operating in silos; they are stakeholders in a maturing digital shadow economy. South Korea’s hyper-connected infrastructure and high-value industrial sectors aren't just targets-they are high-yi...
CYFIRMA Research: Tracking Ransomware- April 2026 19.05.2026 5:35
CYFIRMA – April 2026 Ransomware Threat Intelligence Briefing Ransomware activity reached 801 global incidents in April 2026, marking the highest April total in recent years and reinforcing the continued expansion of ransomware-as-a-service operations. In this episode, the CYFIRMA Research Team breaks down: • The most active ransomware groups driving April activity • Key sectors and countries under...
CYFIRMA Research: Operation SilentCanvas – JPEG-Based Multi-Stage PowerShell Intrusion 15.05.2026 8:42
Operation SilentCanvas – JPEG-Based Multi-Stage PowerShell Intrusion CYFIRMA Research conducted an in-depth technical investigation into a sophisticated multi-stage intrusion campaign leveraging a weaponized PowerShell payload disguised as a legitimate “.jpeg” image file to deploy a trojanized ConnectWise ScreenConnect framework for covert persistent access. Key highlights from the research: ...
CYFIRMA Research: Abuse of Cloud-Native Infrastructure in Modern Phishing Campaigns 08.05.2026 8:29
New Research: Trusted Infrastructure Phishing — The Attack That Lives Inside Your Security Stack Most phishing starts outside your perimeter. This one starts inside it. Trusted Infrastructure Phishing (TIP) is a threat class in which every phase of the attack chain — delivery, hosting, execution, authentication, and persistence — operates through legitimate, enterprise-trusted cloud infrastructure...
CYFIRMA Research: Malaysia Threat Landscape Report 05.05.2026 8:07
Malaysia isn’t just seeing cyber threats - it’s seeing a structured cyber economy take shape. Ransomware groups, data brokers, and access sellers are all operating across the same ecosystem. Manufacturing, government, and service sectors aren’t just targets - they’re data-rich environments with real extortion value. It’s a connected threat landscape: Data breaches feeding underground markets. Ran...
CYFIRMA Research: Taiwan Cyber Threat Landscape 2026 04.05.2026 8:45
Taiwan Cyber Threat Landscape 2026 Taiwan remains at the forefront of global cyber conflict—driven by its semiconductor dominance, strategic geopolitical position, and deep international partnerships. 🔹 Relentless Pressure: ~2.63M daily cyber intrusion attempts in 2025 (+100% since 2023) 🔹 Primary Threat Actors: PRC-linked APT groups conducting espionage, IP theft, and infrastructure pre-positi...
CYFIRMA Research: Singapore Threat Landscape 30.04.2026 7:42
Singapore’s position as a global financial, technological, and connectivity hub continues to attract sophisticated cyber threats from both state-sponsored actors and financially motivated cybercriminal groups. Key Threat Actors Identified : UNC3886, Mustang Panda, Volt Typhoon, APT41 – China-linked APT groups conducting long-term espionage targeting telecoms, government networks, and high-tech ind...
CYFIRMA Research: Philippines Evolving Cyber Threat Landscape 2025-2026 28.04.2026 2:45
Stay ahead with CYFIRMA’s Philippines Evolving Cyber Threat Landscape 2025–2026 Report. The Philippines is facing a sharp escalation in AI-driven and automated cyber threats. Q3 2025 recorded over 52 million exposed credentials, while ransomware operations increasingly targeted operational systems across healthcare, BFSI, and critical infrastructure. Identity compromise, vendor access abuse, and s...
CYFIRMA Research: KYCShadow: An Android Banking Malware Exploiting Fake KYC Workflows for Credential and OTP Theft 27.04.2026 4:48
KYCShadow: Mobile Threat Alert – Android Banking Malware Campaign CYFIRMA Research has identified a sophisticated Android malware campaign distributed via WhatsApp, impersonating Bank KYC and e-Challan services to compromise financial users at scale. The campaign demonstrates structured backend operations and infrastructure reuse (e.g., jsonapi[.]biz), indicating a coordinated and evolving fraud e...
CYFIRMA Research: Operation PhantomCLR- Stealth Execution via AppDomain Hijacking and In-Memory .NET Abuse 22.04.2026 7:34
Operation PhantomCLR Our latest research uncovers a highly sophisticated post-exploitation framework that represents a significant shift in modern attacker tradecraft. The campaign leverages .NET AppDomainManager hijacking to abuse a legitimate, digitally signed Intel binary (IAStorHelp.exe), transforming it into a stealthy execution container without modifying the original file. This allows mali...
CYFIRMA Research: Silent Crypto Wallet Takeover- Unlimited USDT Approval Exploitation via Trust Wallet QR Code Phishing 21.04.2026 4:57
CYFIRMA Research has identified an active crypto drainer campaign targeting Trust Wallet users through QR code phishing distributed via Telegram channels. The attack leverages deep link abuse and deceptive transaction flows to gain persistent access to victim funds. This campaign highlights a shift toward user-authorized exploitation, where no wallet vulnerability is required. By abusing standard...
Ähnliche Podcasts
Replaio ist kein Herausgeber von Podcasts; die Namen der Sendungen, Cover und Audioinhalte gehören ihren Autoren und werden über öffentliche RSS-Feeds verbreitet