CYFIRMA Podcasts

Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
 
Critical Alert: CVE-2025-5777 – Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2)! Organizations relying on Citrix NetScaler ADC and Gateway for secure remote access must act immediately. This newly uncovered vulnerability allows unauthenticated attackers to leak sensitive memory—including session tokens—by sending malformed authentication r…
 
CYFIRMA exposes Octalyn Forensic Toolkit, a malicious GitHub-hosted tool masquerading as a legitimate forensic utility. In reality, it functions as a credential stealer with Telegram-based C2, targeting browser data, crypto wallets, Discord, and VPN configs. Built with Delphi and C++, Octalyn enables even low-skilled actors to exfiltrate sensitive …
 
Stay ahead with CYFIRMA’s Monthly Ransomware Report – June 2025. June saw 463 ransomware victims globally, a 15% decline from May. Qilin led the threat landscape, exploiting Fortinet flaws and adding legal pressure tactics. New players like Fog and Anubis adopted stealthy, modular toolkits and file-wipers for maximum damage. Emerging groups Teamxxx…
 
New Threat Model: Zero-Click Compromise via File Rendering Automation. RenderShock introduces a powerful new attack framework that leverages trusted file previewing, indexing, and sync mechanisms to trigger payloads — without exploits, macros, or even opening the file. Key Highlights: Zero-click execution using passive system features. Payloads deli…
 
CYFIRMA Research's latest report explores a fake "Free VPN for PC" app hosted on GitHub, delivering a packed DLL payload using obfuscated Base64 hidden in junk strings. It uses P/Invoke to load a hidden DLL, executes GetGameData, and injects into legit processes like MSBuild.exe. Packed, evasive, and anti-debug. Link to the Research Report: https:/…
 
CYFIRMA uncovers a sophisticated phishing campaign by APT36 (Transparent Tribe) leveraging Linux-specific malware on BOSS Linux systems (widely used by Indian government agencies). Attackers use malicious .desktop files to deploy stealthy ELF binaries while distracting users with fake PowerPoint files. Stay vigilant and safeguard critical infrastru…
 
12-Day War update: Israel and Iran agree to a fragile ceasefire after America's bombing run on Tehran's nuclear facilities. Link to the Research Report: https://www.cyfirma.com/research/12-day-war-update/ #OperationRisingLion #MidnightHammer #IsraelIran #Geopolitics #CYFIRMAResearch #ThreatIntelligence #cybersecurity #ETLM #currentaffairs #MiddleEa…
 
Odyssey Stealer, a rebranded version of Poseidon Stealer, targets macOS users through the Clickfix technique—tricking victims into copy-pasting malicious scripts into their terminal. With capabilities to steal hardware details, keychains, browser cookies, crypto wallets, and plugins, the stolen data is sent to the stealer's hosted infrastructure. D…
 
Cyber Threat Alert: APT36 Targets Indian Defense with a Sophisticated Phishing Campaign! CYFIRMA has uncovered a targeted cyber-espionage operation by APT36 (Transparent Tribe), a Pakistan-based threat actor. This group is exploiting phishing emails embedded with malicious PDFs mimicking official NIC documents to infiltrate Indian defense systems. …
 
Stay ahead of evolving ransomware threats with CYFIRMA’s May 2025 Ransomware Report. May witnessed a 15.95% spike in ransomware attacks compared to April, with 545 incidents logged globally. New actors like SafePay and SilentRansomGroup rapidly gained ground, while established groups like Qilin deployed advanced loaders like NETXLOADER and SmokeLoa…
 
CYFIRMA’s latest research report analyses a stealthy Windows-based malware known as CyberEye, which is posing a significant threat across systems by offering attackers full remote control through a Telegram Bot API. Once executed, it silently harvests browser-stored passwords, cookies, credit card details, Wi-Fi credentials, and session tokens from…
 
Ukraine’s daring drone strike reshapes warfare! CYFIRMA’s research team examines how cheap tech took on Russia’s nuclear air force and what it means for global militaries. Link to the Research Report: https://www.cyfirma.com/blogs/ukraines-attack-on-russias-strategic-air-force-live-feed-from-a-revolution-in-military-affairs/ #Geopolitics #ThreatInte…
 
A highly modular Windows Remote Access Trojan (RAT), DuplexSpy, written in C#, has surfaced with advanced surveillance and system control capabilities. Features include keylogging, remote shell access, screen & webcam spying, audio eavesdropping, and live C2 chat. It uses fileless execution, UAC bypass, registry persistence, and DLL injection to ev…
 
As tensions between India and Pakistan escalated in early 2025, the conflict spilled into cyberspace. In the wake of the April 22nd Kashmir attack and India’s Operation Sindoor, dozens of hacktivist groups launched a wave of digital assaults — from DDoS attacks and defacements to claimed data breaches — targeting critical infrastructure and governm…
 
Critical Alert: CVE-2025-34027 – Authentication Bypass + RCE in Versa Concerto! Organizations using Versa Concerto for network orchestration must take immediate action. This newly disclosed vulnerability allows unauthenticated attackers to bypass login mechanisms and gain remote code execution through exposed REST APIs. The flaw affects key authent…
 
A new ransomware! Lyrix Ransomware targets Windows systems, encrypting files and appending random 10-character extensions. Victims receive a README.txt ransom note demanding payment and threatening to leak stolen data. Strengthen your defenses and incident response now! Link to the Research Report: https://www.cyfirma.com/research/lyrix-…
 
Read CYFIRMA’s latest geo-political analysis, regarding Trump’s continued disruption of the world order, calling U.S. alliances into question while an emboldened China prepares for war over Taiwan. Link to the Research Report: https://www.cyfirma.com/research/while-trump-disrupts-the-world-order-china-prepares-for-war-over-taiwan/ #Geopolitics #CYF…
 
A high-risk Android malware poses a serious threat by targeting banking apps, bypassing screenshot protections through UI reconstruction to steal sensitive financial data. It records live screen activity, captures video and audio in real time, collects SMS, contacts, call logs and files, and silently auto-grants all permissions. Once installed, it takes full c…
 
Stay ahead of evolving ransomware threats with CYFIRMA’s April 2025 Ransomware Report. Last month revealed shifting dynamics—Qilin surged by 71%, while Play and DragonForce increased by 75% and 25% respectively. Despite a 29% drop in total incidents from March, the Manufacturing, IT, and Consumer sectors remained heavily targeted. The U.S. topped t…
 
CYFIRMA’s latest threat report reveals the workings of PupkinStealer, a .NET-based information stealer designed to extract a focused set of sensitive data from victim systems. Targeting browser credentials, desktop files, Telegram and Discord sessions, and screenshots, the malware compresses all stolen content into a ZIP archive and exfiltrates it …
 
Geopolitical tensions between Algeria and Morocco have reignited over the Western Sahara issue. Hacktivist groups have exacerbated the situation by targeting each other’s critical infrastructure. Algerian hacktivists claimed to have breached Morocco's CNSS, while Moroccan hacktivists alleged they had hacked and leaked data from Algeria's MGPTT. Ho…
 
A new threat is on the rise - Gunra Ransomware. This sophisticated ransomware not only encrypts files but also exfiltrates sensitive data, threatening to leak the data unless the ransom is paid. Read the latest report from the CYFIRMA research team to learn more! Stay informed and safeguard your systems! Link to the Research Report: https://www.cyf…
 
Donald Trump’s new tariffs promise to revive American manufacturing, but evidence shows they are more likely to raise prices, reduce competitiveness, deter investment, and fuel geopolitical instability. The vision of millions of factory jobs ignores automation, labor shortages, and global supply chains. Instead of revitalizing the industry, tariffs…
 
Read CYFIRMA’s report on the Hannibal Stealer, a rebranded variant of SHARP and TX Stealers, which has re-emerged with expanded data exfiltration capabilities and an updated command-and-control infrastructure. Hannibal Stealer is built in C# on the .NET framework. It targets a wide range of data sources, including browsers, cryptocurrency wallets, …
 
A New Breed of Python-Based RATs is Abusing Discord for C2. The CYFIRMA research team has investigated an emerging class of Python malware that is turning popular platforms into weaponized control panels. One recent variant showcases just how accessible and disruptive these tools have become. This lightweight Remote Access Trojan (RAT) uses Discord …
 
Cybercriminals are impersonating trusted business executives and financial experts to trap unsuspecting investors. These scammers are creating fake investment firms with fraudulent registration details, professional-looking websites and manipulated social media engagement to appear legitimate. They are actively using Telegram channels, WhatsApp gro…
 
The CYFIRMA research team provides a comprehensive analysis of how diplomacy, defense, and digital strategy are colliding: as trade friction intensifies, especially under the 2025 U.S. tariff regime, cyberspace is becoming the frontier of quiet competition between traditional allies. While full-scale cyber warfare remains unlikely, behind-the-scenes…
 
U.S. President Donald Trump, once a critic but now a supporter of TikTok, is granting the app’s China-based parent company, ByteDance, a second 75-day extension to finalize a deal that would transfer ownership of TikTok to an American entity. While the legislation allowed only one extension for a sale, the U.S. Congress has yet to push back against…
 
Stay ahead of evolving ransomware threats with CYFIRMA’s Monthly Ransomware Report – March 2025. The month of March saw shifting dynamics, with Safepay experiencing a huge surge of 223%, while RansomHub and Akira declined. Babuk2 has possibly leveraged fake extortion claims. Manufacturing, IT, and Consumer sectors remained prime targets as total in…
 
CYFIRMA researchers have identified a dangerous new version of Neptune RAT being actively shared online. This malware spreads through GitHub, Telegram, and YouTube, often advertised as the "Most Advanced RAT." The attack starts when victims run malicious PowerShell commands. First, the "irm" command downloads harmful code from the file hosting webs…
 
CYFIRMA’s research team has conducted an in-depth investigation into Konni RAT, a sophisticated remote access trojan (RAT) that uses advanced evasion techniques to bypass detection. It exploits Windows features, such as file extension hiding and the 260-character limit for LNK files, to conceal malicious activity. After gaining access, Konni RAT ma…
 
Hackers are leveraging Python-based Discord RATs to exploit Discord’s API as a Command and Control (C2) platform. This sophisticated malware allows attackers to gain complete control over compromised systems, making it a serious cybersecurity risk. It steals credentials from browsers, executes remote system commands, and captures live screenshots for surveill…
 
The CYFIRMA research team has identified a fake Indian Post Office website leveraging the Clickfix technique to target Indian users. The report details how a Pakistani threat actor is targeting both Windows and Android users by dropping APK files for Android devices, copying PowerShell commands to the clipboard, and dropping Clickfix instructions p…
 
Critical Alert: Immediate action is required for all organizations using Apache Tomcat! CVE-2025-24813 is a critical Remote Code Execution (RCE) vulnerability that allows attackers to bypass security controls via a path equivalence flaw, leading to arbitrary code execution. Active exploitation has been observed, with public PoC exploits available, …
 
Stay ahead of evolving ransomware threats with CYFIRMA’s Monthly Ransomware Report – February 2025. Ransomware activity surged by 87.45% in February, with Cl0p witnessing an alarming 453% rise. Manufacturing, FMCG, and Transportation sectors faced the highest spike in attacks. The U.S. remained the top target, followed by Canada, the U.K., Ge…
 
Hacktivists often become active participants in cyber conflicts whenever geopolitical tensions arise. This has been evident during events like the Israel-Palestine conflict and the Russia-Ukraine war. Recently, tensions flared between Malaysia and Indonesia following the death of a migrant worker attempting to cross the Malaysian border with four o…
 
The CYFIRMA research has identified a new ransomware variant named LithiumWare, showcasing advanced capabilities designed to disrupt, encrypt, and steal. Key Features of LithiumWare: Data Theft: Exhibits activities indicative of stealing personal data, including detecting crypto-addresses. Persistence: Creates files in the startup directory, manipu…
 
China's DeepSeek recently shocked the AI world, challenging US dominance and raising serious security concerns. Did US export controls backfire, fuelling China's AI rise and a new era of cyber threats? Link to the Research Report: https://www.cyfirma.com/blogs/deepfake-or-the-sputnik-moment-in-the-ai-race/ #Geopolitics #CyfirmaResearch #ThreatIntel…
 
Cybercriminals have developed a new sophisticated method to distribute malware via fake CAPTCHA pages, tricking users into executing malicious scripts. Our investigation reveals that the Lumma Stealer is leveraging this tactic to harvest sensitive data, including credentials, cryptocurrency assets, and credit card info. Link to the Research Report:…
 
This report explores a fake financial management app on the Google Play Store named Finance Simplified, which has been downloaded over 100,000 times. The app reportedly downloads an additional fraudulent loan application targeting Indian users. Once installed, users attempting to secure loans are subjected to cyber blackmail and bullying. The malic…
 
The cyber threat landscape is evolving, with hackers deploying multi-stage malware that uses obfuscation, steganography, and covert communication channels to evade detection. Attacks start with an obfuscated JavaScript file that fetches encoded commands from a URL and executes an obfuscated PowerShell script, which downloads a JPG image and an obfuscated text file c…
 
Stay informed about the latest developments in cybersecurity with CYFIRMA's Tracking Ransomware – January 2025 Report. January witnessed 510 ransomware victims globally, with Akira emerging as the most active group while new threats like MORPHEUS surfaced. The Manufacturing sector was the most targeted, and the USA remained the top victim region wi…
 
Our Q4 2024 APT Quarterly Highlights Report unveils a surge of dynamic and innovative cyber activities from APT groups across Iran, North Korea, Russia, and China. These groups intensified operations with a sharp focus on credential theft through phishing, MFA push-bombing, and fake job scams. RomCom (Russia) and Lazarus (North Korea) exploited zer…
 
A malware disguised as a banking app is spreading through phishing and unofficial app stores. Built with Kotlin, this malware steals personal info and card details, leaking everything to criminals via Telegram bots and hidden servers. Stay safe! Only download apps from official stores, check permissions and NEVER share sensitive info on unsecured p…
 
Flesh Stealer, a newly identified malware first observed in August 2024 and written in C#, targets browsers like Chrome, Firefox, and Edge to harvest saved passwords, cookies, and browsing history. It also extracts data from applications such as Telegram and Signal, including stored chats and databases. Interestingly, it avoids executing on systems…
 
Astral Stealer: A Sophisticated Threat! Our latest research uncovers Astral Stealer, a powerful malware designed to exfiltrate sensitive data using browser injections, credential dumping, and sophisticated evasion techniques. As a publicly available threat, it provides cybercriminals with the means to bypass security defenses and exploit vulnerable…
 
New Ransomware Alert: "Windows Locker". A new .NET-based ransomware strain, Windows Locker, is making waves with its advanced tactics; read the CYFIRMA research team's full report for a comprehensive analysis. Encryption: Files are encrypted with the .winlocker extension. Ransom Note: Victims receive a Readme.txt file with instructions to conta…
 
A critical SQL injection vulnerability (CVE-2024-45387) has been discovered in Apache Traffic Control's Traffic Ops component, impacting versions 8.0.0 and 8.0.1. Attackers with high-level roles (admin, federation, operations, portal, steering) can execute malicious SQL queries, risking data compromise, privilege escalation, and service disruption.…
 
The CYFIRMA team has analyzed malware linked to the Indian APT group DONOT, uncovering its use of a deceptive app called “Tanzeem” to gather intelligence under the guise of a chat platform. The app shuts down after permissions are granted, suggesting a targeted approach. Two analyzed versions, from October and December, showed minimal differences, …
 
The swift fall of the Syrian regime caught major players off guard, including Russia and Iran, who heavily invested in propping up the state. While the USA considers withdrawal, Turkey is positioned to greatly increase its influence, while Iran and Russia suffer a significant strategic blow and might start relying more heavily on its cyber capabili…