Pierluigi Paganini
April 02, 2019
Cybaze-Yoroi ZLAB malware researchers decided to use the NSA Ghidra suite in a real case study, the analysis of the AZORult malware. Introduction One of the most expected moments in the infosec community during the last few months was, with no doubt, the Ghidra public release. On the 5th of March, at the RSA conference, […]
Pierluigi Paganini
April 02, 2019
The popular expert unixfreaxjp analyzed a new China ELF DDoS’er malware tracked as “Linux/DDoSMan” that evolves from the Elknot malware to deliver new ELF bot. Non-Technical-Premise “This report is meant for incident response or Linux forensics purpose, TO HELP admin & IR folks”, with this the very beginning sentence starts the new analysis of one […]
Pierluigi Paganini
March 29, 2019
Malware researchers at Cybaze-Yoroi ZLAB team dissected a new sample of Qrypter malware that revealed an interesting evolution of the threat. Introduction During the last weeks, Yoroi’s monitoring operation intercepted some malicious emails required further attention: they were sent to a very few organizations and the content was specifically tailored for Italian speaking targets. This […]
Pierluigi Paganini
March 28, 2019
Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported. Gustuff is a new generation of malware complete with fully automated features designed to steal both fiat […]
Pierluigi Paganini
March 27, 2019
Experts from Kaspersky observed a new C++ version of the AZORult data stealer that implements the ability to establish RDP connections. The AZORult Trojan is one of the most popular data stealers in the Russian cybercrime underground. The AZORult stealer was first spotted in 2016 by Proofpoint that discovered it was part of a secondary […]
Pierluigi Paganini
March 26, 2019
Malware researchers at Cybaze-Yoroi ZLab team uncovered a new Ursnif malware campaign that reached several organizations across Italy. Introduction The Ursnif trojan confirms itself as one of the most active malware threats in cyberspace, even during the past days, when new attack attempts reached several organizations across Italy. Cybaze-Yoroi ZLab team dissected its infection chain […]
Pierluigi Paganini
March 26, 2019
Good news for the victims of the Hacked Ransomware, the security firm Emsisoft has released a free decryptor to decrypt the data of infected computers. Security experts at Emsisoft released a free decryptor for the Hacked Ransomware. The Hacked Ransomware was first spotted in 2017, it appends .hacked extension to the encrypted files and includes […]
Pierluigi Paganini
March 25, 2019
Cyber security expert and founder of Yoroi has published a new tool that could be used to spot APTs (Advanced Persistent Threats) through Malware streams. There are many ways to spot Advanced Persistent Threats, for example during a forensic analysis on “high rate incident” or having sandbox systems on critical infrastructures or again working as […]
Pierluigi Paganini
March 25, 2019
It is a battle with no holds barred between T-Series and PewDiePie, their fans are spreading the PewDiePie ransomware to force users to subscribe to PewDiePie Youtube channel. The story I’m going to tell you is another chapter of the battle between the most followed Youtuber T-Series and PewDiePie. T-Series is an Indian music company, […]
Pierluigi Paganini
March 24, 2019
Microsoft has announced the availability of Defender ATP Endpoint Security for Apple macOS Microsoft has announced the availability of Microsoft 365 advanced endpoint security solution across platforms, with the support of Apple Mac it added to Microsoft Defender Advanced Threat Protection (ATP). Microsoft Windows Defender ATP was first introduced in 2016 as a defensive solution […]
Security / December 19, 2025
