Another excellent analysis by @TelsyTRT Emanuele De Lucia OPERATION “SPACE RACE”: REACHING THE STARS THROUGH PROFESSIONAL SOCIAL NETWORKS telsy.com/operation-spac… Malware Patrol Denis O'Brien Antonio Pirozzi

Dee TG Soft Pierluigi Paganini - Security Affairs another azorult c2 login panel @ zi-chem.]co/PL342/panel/admin.php ip 217.195.154.94🇳🇱 shock hosting blacklisted on CyberCrime-Tracker VT: 8/80 INV05390 Document 56.exe signed by CN bazaar.abuse.ch/sample/fe86c6a… panel stats and authenticode

multiple C2 panel on 5.9.239.131 DT-Stealer: https://lodergord.]com/login.php (credits by deity.developer]at]thesecure.]biz) Azorult on 5.9.239.131/azorme/panel/admin.php mainly targeting GB,US and RU.. also DarkSky.. Hetzner Pierluigi Paganini - Security Affairs TG Soft

Our report on #kimsuky #apt cited by us-cert in an advisory coauthored by FBI USCYBERCOM Cybersecurity Alert Cybersecurity and Infrastructure Security Agency.. references n.36 and 37.. Yoroi Malware Z-Lab Yoroi Antonio Pirozzi Marco Ramilli lc4m

Grazie!

[ALERT] #smishing campaign against Intesa Sanpaolo customers.. - some non legit domains registered between 2020-10-22 and 2020-1-25.. - non legit certificate created (fingerprint in the screen) Francesco Bussoletti Cert AgID Gianni Amato Pierluigi Paganini - Security Affairs TG Soft

An interesting analysis made by Yoroi Yoroi Malware Z-Lab on the new #UNC1945 (Mandiant (part of Google Cloud) ) spotted on 🇮🇹 Infrastructures. Catalin Cimpanu MalwareHunterTeam BleepingComputer Odisseus @arturodicorinto @malwaremustd1e yoroi.company/research/shado…

Thanks FortiGuard Labs for citing us for our discovery! fortinet.com/blog/threat-re… #malware #jsoutprox MalwareHunterTeam Yoroi James Bl4ng3l @hexfati lc4m Luigi Martire

Dissecting #STEELCORGI 🔥🔥🔥: Our last analysis about another piece of the #UNC1945 arsenal! yoroi.company/research/openi… @FireEye @Bank_Security MalwareHunterTeam Yoroi Yoroi Malware Z-Lab JAMESWT_MHT Pierluigi Paganini - Security Affairs James TG Soft Malware Patrol

Yoroi (Yoroi Malware Z-Lab ) on dissecting a #lockBit #exfil tool and #hunting the gang exfiltration infrastructure. lc4m Luigi Martire MalwareHunterTeam f_462_958 Mikhail Kasimov Odisseus Securityblog R. Catalin Cimpanu yoroi.company/research/hunti…

Decine di aziende manifatturiere italiane vittime di una serie di attacchi che infettano i sistemi informatici con finti documenti Office e Excel attraverso la botnet #Dridex Grazie Agi Agenzia Italia per aver segnalato il lavoro del Yoroi Malware Z-Lab #Yoroi agi.it/cronaca/news/2…

Leak di dati di dirigenti italiani ed europei in vendita nel #DarkWeb Il Cert Yoroi ha individuato 3.887 contatti di manager che lavorano soprattutto nei settori bancario e assicurativo e che adesso sono a rischio truffa. agi.it/cronaca/news/2… #Yoroi #cybersecurity

#threatactors are evolving their techniques. So we began a tracking adventure to spot new #ioc and to map their evolution over time. New IoC available 👇👇 yoroi.company/research/serve… lc4m Emanuele De Lucia JAMESWT_MHT James Yoroi Yoroi Malware Z-Lab

The #Yoroi Yoroi Malware Z-Lab is tracking the threat actor Aggah (TH-157) since 2019 along with PaloAlto UNIT42, HP and Juniper Networks, revealing a structured information stealing infrastructure, a campaign capable of quickly varying its distribution technique. yoroi.company/research/serve…

#MalwareAnalysis: Serverless #InfoStealer Delivered In Est European Countries bit.ly/3p87bcf-Ttx-Ttx Yoroi Malware Z-Lab Yoroi 𝞝 #Organizations #Enterprises #InfoSec #CyberSecurity #Obfuscation #PowerShell #CyberAttacks #Aggah #Malware #Lolbin #TH157 #PowerPoint #dotNET #VBS

Anche tu hai l'abitudine di installare software presi in rete? Allora leggi l'analisi su come funziona il #ransomware #BlueSky fatta dai tecnici dello Yoroi Malware Z-Lab di Yoroi nel nostro ultimo Blog post. Leggi qui 👇🏾 yoroi.company/research/disse…

The Yoroi Yoroi Malware Z-Lab did a deep dive into the #BlueSky ransomware, providing a technical analysis of the #ransomware payload. #CyberSecurity #InfoSec #malware CVSoci.al/AToqc19m

Oggi Yoroi Malware Z-Lab di Yoroi presenta "Vetta Loader", un malware stealth che utilizza pen-drive infette come suo principale vettore. Ricorda di sanificare le chiavette USB prima di usarle! Leggi di più sul nostro blog 👉 bit.ly/3GsOkjY

Yoroi Malware Z-Lab i Yoroi ha studiato il gruppo TA544, famoso per distribuire Ursnif. Una recente campagna usa un nuovo loader, Hijack loader (aka IDAT loader), che come payload finale distribuiva RemCos, famoso RAT. Leggi il nostro report su questo bit.ly/3v49OkK

Che sorpresa scoprire che il report del nostro Yoroi Malware Z-Lab su VETTALoader viene citato da Mandiant (part of Google Cloud) ! Yoroi è molto orgogliosa di questo riconoscimento a livello internazionale. 👉 Vedi l'articolo di Mandiant 👉mandiant.com/resources/blog… Marco Ramilli Luigi Martire