Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-24YoroiLuigi Martire, Luca Mella
@online{martire:20210924:hunting:d29a5e6, author = {Luigi Martire and Luca Mella}, title = {{Hunting the LockBit Gang's Exfiltration Infrastructures}}, date = {2021-09-24}, organization = {Yoroi}, url = {https://yoroi.company/research/hunting-the-lockbit-gangs-exfiltration-infrastructures/}, language = {English}, urldate = {2021-09-24} } Hunting the LockBit Gang's Exfiltration Infrastructures
LockBit StealBit
2021-08-31YoroiLuigi Martire, Luca Mella, Yoroi
@online{martire:20210831:financial:e78f0cc, author = {Luigi Martire and Luca Mella and Yoroi}, title = {{Financial Institutions in the Sight of New JsOutProx Attack Waves}}, date = {2021-08-31}, organization = {Yoroi}, url = {https://yoroi.company/research/financial-institutions-in-the-sight-of-new-jsoutprox-attack-waves/}, language = {English}, urldate = {2021-09-09} } Financial Institutions in the Sight of New JsOutProx Attack Waves
JSOutProx
2021-06-29YoroiLuigi Martire, Luca Mella
@online{martire:20210629:wayback:fc8fa84, author = {Luigi Martire and Luca Mella}, title = {{The "WayBack” Campaign: a Large Scale Operation Hiding in Plain Sight}}, date = {2021-06-29}, organization = {Yoroi}, url = {https://yoroi.company/research/the-wayback-campaign-a-large-scale-operation-hiding-in-plain-sight/}, language = {English}, urldate = {2021-06-29} } The "WayBack” Campaign: a Large Scale Operation Hiding in Plain Sight
Agent Tesla Cobian RAT Oski Stealer
2021-04-16YoroiZLAB-Yoroi, Luigi Martire, Luca Mella
@online{zlabyoroi:20210416:ransomware:854f9f6, author = {ZLAB-Yoroi and Luigi Martire and Luca Mella}, title = {{Ransomware micro-criminals are still out here (and growing)}}, date = {2021-04-16}, organization = {Yoroi}, url = {https://yoroi.company/research/ransomware-micro-criminals-are-still-out-here-and-growing/}, language = {English}, urldate = {2021-06-16} } Ransomware micro-criminals are still out here (and growing)
2021-03-16YoroiLuigi Martire, Luca Mella
@online{martire:20210316:threatening:9158d9b, author = {Luigi Martire and Luca Mella}, title = {{Threatening within Budget: How WSH-RAT is abused by Cyber-Crooks}}, date = {2021-03-16}, organization = {Yoroi}, url = {https://yoroi.company/research/threatening-within-budget-how-wsh-rat-is-abused-by-cyber-crooks/}, language = {English}, urldate = {2021-06-16} } Threatening within Budget: How WSH-RAT is abused by Cyber-Crooks
Houdini
2021-02-04YoroiLuigi Martire, Luca Mella
@online{martire:20210204:connecting:9d49c15, author = {Luigi Martire and Luca Mella}, title = {{Connecting the dots inside the Italian APT Landscape}}, date = {2021-02-04}, organization = {Yoroi}, url = {https://yoroi.company/research/connecting-the-dots-inside-the-italian-apt-landscape/}, language = {English}, urldate = {2021-06-16} } Connecting the dots inside the Italian APT Landscape
2021-01-12YoroiLuigi Martire, Antonio Pirozzi, Luca Mella
@online{martire:20210112:opening:806667c, author = {Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Opening “STEELCORGI”: A Sophisticated APT Swiss Army Knife}}, date = {2021-01-12}, organization = {Yoroi}, url = {https://yoroi.company/research/opening-steelcorgi-a-sophisticated-apt-swiss-army-knife/}, language = {English}, urldate = {2021-07-20} } Opening “STEELCORGI”: A Sophisticated APT Swiss Army Knife
STEELCORGI
2020-11-30YoroiLuigi Martire, Antonio Pirozzi, Luca Mella
@online{martire:20201130:shadows:2ef4813, author = {Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Shadows From The Past Threaten Italian Enterprises}}, date = {2020-11-30}, organization = {Yoroi}, url = {https://yoroi.company/research/shadows-from-the-past-threaten-italian-enterprises/}, language = {English}, urldate = {2021-06-16} } Shadows From The Past Threaten Italian Enterprises
Rekoobe LaZagne Responder MimiKatz win.rekoobe
2020-05-06YoroiLuigi Martire, Davide Testa, Luca Mella
@online{martire:20200506:new:4e0c27b, author = {Luigi Martire and Davide Testa and Luca Mella}, title = {{New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain}}, date = {2020-05-06}, organization = {Yoroi}, url = {https://yoroi.company/research/new-cyber-operation-targets-italy-digging-into-the-netwire-attack-chain/}, language = {English}, urldate = {2021-06-16} } New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain
NetWire RC
2020-04-28YoroiAntonio Pirozzi, Luigi Martire, Pierluigi Paganini
@online{pirozzi:20200428:outlaw:e4da556, author = {Antonio Pirozzi and Luigi Martire and Pierluigi Paganini}, title = {{Outlaw is Back, a New Crypto-Botnet Targets European Organizations}}, date = {2020-04-28}, organization = {Yoroi}, url = {https://yoroi.company/research/outlaw-is-back-a-new-crypto-botnet-targets-european-organizations/}, language = {English}, urldate = {2021-06-16} } Outlaw is Back, a New Crypto-Botnet Targets European Organizations
Cpuminer PerlBot
2020-02-21YoroiLuigi Martire, Pietro Melillo, Antonio Pirozzi
@online{martire:20200221:transparent:eb18469, author = {Luigi Martire and Pietro Melillo and Antonio Pirozzi}, title = {{Transparent Tribe: Four Years Later}}, date = {2020-02-21}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/transparent-tribe-four-years-later}, language = {English}, urldate = {2020-03-06} } Transparent Tribe: Four Years Later
Crimson RAT
2020-01-27YoroiLuigi Martire, Luca Mella
@online{martire:20200127:aggah:9ed3380, author = {Luigi Martire and Luca Mella}, title = {{Aggah: How to run a botnet without renting a Server (for more than a year)}}, date = {2020-01-27}, organization = {Yoroi}, url = {https://yoroi.company/research/aggah-how-to-run-a-botnet-without-renting-a-server-for-more-than-a-year/}, language = {English}, urldate = {2021-06-16} } Aggah: How to run a botnet without renting a Server (for more than a year)
LokiBot Azorult
2019-06-08YoroiLuigi Martire, Davide Testa, Luca Mella, ZLAB-Yoroi
@online{martire:20190608:evolution:c9d130c, author = {Luigi Martire and Davide Testa and Luca Mella and ZLAB-Yoroi}, title = {{The Evolution of Aggah: From Roma225 to the RG Campaign}}, date = {2019-06-08}, organization = {Yoroi}, url = {https://yoroi.company/research/the-evolution-of-aggah-from-roma225-to-the-rg-campaign/}, language = {English}, urldate = {2021-06-16} } The Evolution of Aggah: From Roma225 to the RG Campaign
Revenge RAT
2019-05-16YoroiLuigi Martire, Davide Testa, Antonio Pirozzi, Luca Mella
@online{martire:20190516:stealthy:930aa98, author = {Luigi Martire and Davide Testa and Antonio Pirozzi and Luca Mella}, title = {{The Stealthy Email Stealer in the TA505 Arsenal}}, date = {2019-05-16}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/the-stealthy-email-stealer-in-the-ta505-arsenal/}, language = {English}, urldate = {2019-10-14} } The Stealthy Email Stealer in the TA505 Arsenal
TA505
2018-01-22YoroiAntonio Pirozzi, Antonio Farina, Luigi Martire
@techreport{pirozzi:20180122:operation:260c7d7, author = {Antonio Pirozzi and Antonio Farina and Luigi Martire}, title = {{Operation EvilTraffic}}, date = {2018-01-22}, institution = {Yoroi}, url = {https://cybaze.it/download/zlab/20180121_CSE_Massive_Malvertising_Report.pdf}, language = {English}, urldate = {2020-04-21} } Operation EvilTraffic
EvilTraffic