Cybercrime, there is a new version of GoBrut botnet in the wild
Yoroi-Cybaze ZLab cyber security experts: It’s compiled for Linux. The malware is targeting hundred of thousand WordPress powered websites, and part of them are related to Italy.
New cybercrime tool agains the banking sector: ATM Malware
Yoroi-Cybaze ZLAB cyber security experts: It doesn’t rely on standard communication interfaces, suggesting increased level of customization. It leverages Java Instrumentation techniques.
Cybercrime: LooCipher, the probable heir of GandCrab, has been beaten
Yoroi-Cybaze ZLab cyber security experts develop a free decryptor for the ransomware. The tool, however, requires the malware process to be active.
Cyber espionage, what APT34 and MuddyWater have in common?
Cyber security expert and Yoroi founder, Marco Ramilli, analyzed the two state-sponsored groups to look for strong and weak similarities.
Ukraine again under a cyber attack, probably by Gamaredon
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows the Matryoshka structure to chain SFX archives, typical of APT implant, and the use of a legit third party RAT as payload.
Cybercrime, three well known techniques still successfully used to avoid detection
Yoroi-Cybaze cyber security experts: They are “The Broken Doc”, “Hide Payload with Office Developer Mode”, and “Spoofed Signature”or “Certificate Spoofing”.
APT, new free tool to help spotting them from Marco Ramilli
The cyber security expert: It’s easy, thanks to rules to identify specific set of binaries. But it also needs manual analysis to confirm if the threat is real o fake.
Torrent’ users cyber security is at high risk, regardless the seeder
Yoroi-Cybaze conducted a study, downloading files of 3 categories: most of them contain malware. In January there was a double cyber attack with Vidar and GandCrab.
WinRAR, a 19 old flaw could let a hacker to gain full control over a victim’s computer
Check Point cyber security experts: There are gaps in management of inputs within the "unacev2.dll" library. Yoroi: If not necessary, block the ACE archives.
Cybercrime attacks Italy with Super Mario to disguise the Ursnif malware
The banking trojan is spreaded through mails with malicious attachments. It builds a PowerShell command from a downloaded image, thanks to steganography.