Cyber security, huge vulnerability discovered in F5 BIG-IP technologies
Yoroi-Cybaze experts: The flaw, the CVE-2020-5902, is caused by gaps in the management of particular HTTP requests by the TMUI management interface.
Cyber Security, 0-day vulnerability discovered on SOHO Netgear devices
Yoroi-Cybaze Experts: An attacker can execute arbitrary code on the target device by taking control of it without authentication. In addition, there is currently no patch.
Cybercrime: JsOutProx, a new enterprise grade malware
Yoroi-Cybaze Zlab cyber security experts: It has been designed to hit High-Value targets, and probably is still under development. It uses extensively obfuscation anti-reverse techniques.
Cybercrime, SWEED is targeting precision engineering companies in Italy
Marco Ramilli, cyber security expert and Yoroi founder: The attacker, pretended to be a customer, sent to victims an email containing Microsoft XLS file, without Macro but with hidden malware.
Cybercrime, there is a new version of GoBrut botnet in the wild
Yoroi-Cybaze ZLab cyber security experts: It’s compiled for Linux. The malware is targeting hundred of thousand WordPress powered websites, and part of them are related to Italy.
New cybercrime tool agains the banking sector: ATM Malware
Yoroi-Cybaze ZLAB cyber security experts: It doesn’t rely on standard communication interfaces, suggesting increased level of customization. It leverages Java Instrumentation techniques.
Cybercrime: LooCipher, the probable heir of GandCrab, has been beaten
Yoroi-Cybaze ZLab cyber security experts develop a free decryptor for the ransomware. The tool, however, requires the malware process to be active.
Cyber espionage, what APT34 and MuddyWater have in common?
Cyber security expert and Yoroi founder, Marco Ramilli, analyzed the two state-sponsored groups to look for strong and weak similarities.
Ukraine again under a cyber attack, probably by Gamaredon
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows the Matryoshka structure to chain SFX archives, typical of APT implant, and the use of a legit third party RAT as payload.
Cybercrime, three well known techniques still successfully used to avoid detection
Yoroi-Cybaze cyber security experts: They are “The Broken Doc”, “Hide Payload with Office Developer Mode”, and “Spoofed Signature”or “Certificate Spoofing”.