Security experts at Palo Alto Networks analyzed the method used by Iran-linked OilRig APT Group to test weaponized docs before use in attacks. Security researchers Palo Alto Networks have analyzed the techniques adopted by Iran-linked APT group OilRig (aka APT34) to...
Malware researchers from Cybaze ZLab - Yoroi team have detected a new strain of malware that appears to be associated with a new wave of attacks carries out by Russia linked APT29 group. The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s...
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, "Digging in the Deep Web" is online with a special deal 20% discount Kindle Edition Paper Copy Once...
Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers. Microsoft Excel...
According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber...
Malware researchers at the Cybaze ZLab- Yoroi team spotted a new variant of the dangerous APT28 Lojax rootkit. A new variant of the infamous APT28 Lojax (aka Double-Agent) has been discovered by the Cybaze ZLab - Yoroi team. It is the latest version...
The threat actor TA505 behind many Dridex and Locky campaigns have been using a new Remote Access Trojan (RAT) dubbed tRat. Researchers at Proofpoint warns that the threat actor TA505 have been using a new Remote Access Trojan (RAT) dubbed tRat that...
Researchers who devised the original Meltdown and Spectre attacks disclosed seven new variants that leverage on a technique known as transient execution. In January, white hackers from Google Project Zero disclosed the vulnerabilities that potentially...
Kaspersky revealed that the CVE-2018-8589 Windows 0-day fixed by Microsoft Nov. 2018 Patch Tuesday has been exploited by at least one APT group in attacks in the Middle East. Kaspersky Lab experts revealed that the CVE-2018-8589 Windows zero-day...
Experts at Yoroi’s Cyber Security Defence Center along with Fincantieri’s security team investigated the recently discovered Martymcfly malware attacks. Background On October 17th we disclosed the 'MartyMcFly' Threat (Rif. Analysis) where unknown...