SecOps & Risk mitigation
CyberProof uses OSINT and threat intelligence feeds for visibility into threats.
CyberProof’s adaptable playbooks address continuously evolving threats with updated strategies.
Professionals manage sophisticated networks, leveraging experience to counter advanced threats.
Professionals manage sophisticated networks, leveraging experience to counter advanced threats.
24/7 global SOC support ensures incident response with guaranteed SLA.
24/7 global SOC support ensures incident response with guaranteed SLA.
CyberProof develops recovery plans, restoring capabilities after a cyber incident.
Classify and manage enterprise assets, understanding risks and data sensitivity.
Non-destructive tests uncover potential exploits in assets and applications.
Mitigate security issues early with CyberProof’s training and awareness programs.
Rigorous security assessment for on-premise and cloud applications to ensure protection.
IAM manages user access, monitors for anomalies, ensuring security.
Cloud First approach ensures compliance and security within cloud environments.
Managed service for SIEM, EDR, MXDR, and threat intelligence solutions.
Identify, assess, and mitigate security vulnerabilities through regular scanning.
Partners
See all partners“Today I have complete visibility into the entire environment, in real time”
Jamil Farshchi | Equifax CISO
CyberProof Acquires Interpres Security
By leveraging and integrating the Interpres Security CTEM solution into its security services portfolio, CyberProof is able to continuously identify, assess, and prioritize risk while adapting defense services, like MDR, Vulnerability management and Use case management to address ever evolving threats. Take proactive steps to fortify your security today!
Threat Alerts
Ransomware Groups Shift to Strategic Sector-Based Attacks in the UK
A surge of ransomware attacks has struck major UK retailers, with threat groups DragonForce and Scattered Spider identified as the main actors behind this wave. Victims include Co-op, Marks & Spencer, and Harrods, all of which have reported service outages or data breaches. DragonForce has claimed responsibility for the attacks, including the theft of 20 million customer records from Co-op, while multiple sources suggest Scattered Spider may be operating in parallel or supporting the campaign.
What stands out in this campaign is not just the high-profile victims, but the deliberate and strategic shift by ransomware actors to target specific sectors—in this case, UK retail. This sector-focused approach reflects an evolution in ransomware operations, where groups increasingly coordinate large-scale attacks on entire industries to maximize disruption and extortion leverage.
Gremlin Stealer: New C# Malware Targets Sensitive Data, Sold via Telegram
In April 2025, researchers uncovered a new information-stealing malware named Gremlin Stealer, which has been actively promoted on the Telegram channel “CoderSharp” since mid-March. Developed in C#, this malware is designed to extract a wide range of sensitive data from compromised Windows systems, including browser cookies, saved credentials, clipboard contents, cryptocurrency wallet information, FTP and VPN configurations, as well as session data from applications like Telegram and Discord. Notably, Gremlin Stealer boasts the capability to bypass Chrome’s Cookie V20 protection, enhancing its effectiveness in harvesting user data.
Gremlin Stealer is an integrated backend infrastructure, which provides cybercriminals with a user-friendly web portal to manage and download exfiltrated data. Upon infection, the malware aggregates the stolen information into ZIP archives and uploads them to a command-and-control server, with some versions utilizing hardcoded Telegram bots for data transmission. This streamlined data management system underscores the evolving sophistication of cybercriminal tools. The analysis highlights the growing threat posed by such malware and emphasizes the importance of robust cybersecurity measures to detect and mitigate these risks.