Cybercrime, new version of GoBrut in the wild: the 3.06
Yoroi-Cybaze ZLab cyber security experts: The GoLand written botnet is more powerful, with new brute forcing modules. Targets are in EMEA region, Italy included, but no Russia.
Cybercrime, there is a new version of GoBrut botnet in the wild
Yoroi-Cybaze ZLab cyber security experts: It’s compiled for Linux. The malware is targeting hundred of thousand WordPress powered websites, and part of them are related to Italy.
New cybercrime tool agains the banking sector: ATM Malware
Yoroi-Cybaze ZLAB cyber security experts: It doesn’t rely on standard communication interfaces, suggesting increased level of customization. It leverages Java Instrumentation techniques.
Cybercrime: LooCipher, the probable heir of GandCrab, has been beaten
Yoroi-Cybaze ZLab cyber security experts develop a free decryptor for the ransomware. The tool, however, requires the malware process to be active.
Cybercrime spreads malware using less-known archive types as initial dropper
Yoroi-Cybaze ZLab cyber security experts: ISO images in particular are exploited. Analyzing a cyber attack against an Italian firm, it emerged the XpertRAT and a Delphi wrapper.
Cybercrime, Sodinokibi exploits Windows vulnerability and processor architecture
Kaspersky cyber security experts: The ransomware uses exploits to escalate privileges and targets the Asia-Pacific region. Is the malware the heir of GandCrab?
Cyber espionage, what APT34 and MuddyWater have in common?
Cyber security expert and Yoroi founder, Marco Ramilli, analyzed the two state-sponsored groups to look for strong and weak similarities.
Is APT34 responsible for the Jason cyber espionage tool?
The cyber security expert, Marco Ramilli, analyzed it to match the clues e find if Iranian state-sponsored hackers are behind the operation. Something says Yes, something diverge.
Ukraine again under a cyber attack, probably by Gamaredon
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows the Matryoshka structure to chain SFX archives, typical of APT implant, and the use of a legit third party RAT as payload.
Cybercrime, TA505 group is expanding its operations with legit RAT
Yoroi-Cybaze cyber security experts noticed a suspicious attack on an organization with spear phishing email and a RMS used as a RAT. The target is not linked to Banking-Retail sectors.