Cybercrime: JsOutProx, a new enterprise grade malware
Yoroi-Cybaze Zlab cyber security experts: It has been designed to hit High-Value targets, and probably is still under development. It uses extensively obfuscation anti-reverse techniques.
Cybercrime, SWEED is targeting precision engineering companies in Italy
Marco Ramilli, cyber security expert and Yoroi founder: The attacker, pretended to be a customer, sent to victims an email containing Microsoft XLS file, without Macro but with hidden malware.
Cybercrime, there is a new version of GoBrut botnet in the wild
Yoroi-Cybaze ZLab cyber security experts: It’s compiled for Linux. The malware is targeting hundred of thousand WordPress powered websites, and part of them are related to Italy.
New cybercrime tool agains the banking sector: ATM Malware
Yoroi-Cybaze ZLAB cyber security experts: It doesn’t rely on standard communication interfaces, suggesting increased level of customization. It leverages Java Instrumentation techniques.
Cybercrime: LooCipher, the probable heir of GandCrab, has been beaten
Yoroi-Cybaze ZLab cyber security experts develop a free decryptor for the ransomware. The tool, however, requires the malware process to be active.
Cyber espionage, what APT34 and MuddyWater have in common?
Cyber security expert and Yoroi founder, Marco Ramilli, analyzed the two state-sponsored groups to look for strong and weak similarities.
Ukraine again under a cyber attack, probably by Gamaredon
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows the Matryoshka structure to chain SFX archives, typical of APT implant, and the use of a legit third party RAT as payload.
Cybercrime, three well known techniques still successfully used to avoid detection
Yoroi-Cybaze cyber security experts: They are “The Broken Doc”, “Hide Payload with Office Developer Mode”, and “Spoofed Signature”or “Certificate Spoofing”.
APT, new free tool to help spotting them from Marco Ramilli
The cyber security expert: It’s easy, thanks to rules to identify specific set of binaries. But it also needs manual analysis to confirm if the threat is real o fake.
Torrent’ users cyber security is at high risk, regardless the seeder
Yoroi-Cybaze conducted a study, downloading files of 3 categories: most of them contain malware. In January there was a double cyber attack with Vidar and GandCrab.