Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-24YoroiLuigi Martire, Luca Mella
@online{martire:20210924:hunting:d29a5e6, author = {Luigi Martire and Luca Mella}, title = {{Hunting the LockBit Gang's Exfiltration Infrastructures}}, date = {2021-09-24}, organization = {Yoroi}, url = {https://yoroi.company/research/hunting-the-lockbit-gangs-exfiltration-infrastructures/}, language = {English}, urldate = {2021-09-24} } Hunting the LockBit Gang's Exfiltration Infrastructures
LockBit StealBit
2021-08-31YoroiLuigi Martire, Luca Mella, Yoroi
@online{martire:20210831:financial:e78f0cc, author = {Luigi Martire and Luca Mella and Yoroi}, title = {{Financial Institutions in the Sight of New JsOutProx Attack Waves}}, date = {2021-08-31}, organization = {Yoroi}, url = {https://yoroi.company/research/financial-institutions-in-the-sight-of-new-jsoutprox-attack-waves/}, language = {English}, urldate = {2021-09-09} } Financial Institutions in the Sight of New JsOutProx Attack Waves
JSOutProx
2021-06-29YoroiLuigi Martire, Luca Mella
@online{martire:20210629:wayback:fc8fa84, author = {Luigi Martire and Luca Mella}, title = {{The "WayBack” Campaign: a Large Scale Operation Hiding in Plain Sight}}, date = {2021-06-29}, organization = {Yoroi}, url = {https://yoroi.company/research/the-wayback-campaign-a-large-scale-operation-hiding-in-plain-sight/}, language = {English}, urldate = {2021-06-29} } The "WayBack” Campaign: a Large Scale Operation Hiding in Plain Sight
Agent Tesla Cobian RAT Oski Stealer
2021-04-16YoroiZLAB-Yoroi, Luigi Martire, Luca Mella
@online{zlabyoroi:20210416:ransomware:854f9f6, author = {ZLAB-Yoroi and Luigi Martire and Luca Mella}, title = {{Ransomware micro-criminals are still out here (and growing)}}, date = {2021-04-16}, organization = {Yoroi}, url = {https://yoroi.company/research/ransomware-micro-criminals-are-still-out-here-and-growing/}, language = {English}, urldate = {2021-06-16} } Ransomware micro-criminals are still out here (and growing)
2021-03-16YoroiLuigi Martire, Luca Mella
@online{martire:20210316:threatening:9158d9b, author = {Luigi Martire and Luca Mella}, title = {{Threatening within Budget: How WSH-RAT is abused by Cyber-Crooks}}, date = {2021-03-16}, organization = {Yoroi}, url = {https://yoroi.company/research/threatening-within-budget-how-wsh-rat-is-abused-by-cyber-crooks/}, language = {English}, urldate = {2021-06-16} } Threatening within Budget: How WSH-RAT is abused by Cyber-Crooks
Houdini
2021-02-04YoroiLuigi Martire, Luca Mella
@online{martire:20210204:connecting:9d49c15, author = {Luigi Martire and Luca Mella}, title = {{Connecting the dots inside the Italian APT Landscape}}, date = {2021-02-04}, organization = {Yoroi}, url = {https://yoroi.company/research/connecting-the-dots-inside-the-italian-apt-landscape/}, language = {English}, urldate = {2021-06-16} } Connecting the dots inside the Italian APT Landscape
2021-01-12YoroiLuigi Martire, Antonio Pirozzi, Luca Mella
@online{martire:20210112:opening:806667c, author = {Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Opening “STEELCORGI”: A Sophisticated APT Swiss Army Knife}}, date = {2021-01-12}, organization = {Yoroi}, url = {https://yoroi.company/research/opening-steelcorgi-a-sophisticated-apt-swiss-army-knife/}, language = {English}, urldate = {2021-07-20} } Opening “STEELCORGI”: A Sophisticated APT Swiss Army Knife
STEELCORGI
2020-11-30YoroiLuigi Martire, Antonio Pirozzi, Luca Mella
@online{martire:20201130:shadows:2ef4813, author = {Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Shadows From The Past Threaten Italian Enterprises}}, date = {2020-11-30}, organization = {Yoroi}, url = {https://yoroi.company/research/shadows-from-the-past-threaten-italian-enterprises/}, language = {English}, urldate = {2021-06-16} } Shadows From The Past Threaten Italian Enterprises
Rekoobe LaZagne Responder MimiKatz win.rekoobe
2020-05-22YoroiYoroi
@online{yoroi:20200522:cybercriminal:97a41b3, author = {Yoroi}, title = {{Cyber-Criminal espionage Operation insists on Italian Manufacturing}}, date = {2020-05-22}, organization = {Yoroi}, url = {https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/}, language = {English}, urldate = {2020-05-23} } Cyber-Criminal espionage Operation insists on Italian Manufacturing
Agent Tesla
2020-05-06YoroiLuigi Martire, Davide Testa, Luca Mella
@online{martire:20200506:new:4e0c27b, author = {Luigi Martire and Davide Testa and Luca Mella}, title = {{New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain}}, date = {2020-05-06}, organization = {Yoroi}, url = {https://yoroi.company/research/new-cyber-operation-targets-italy-digging-into-the-netwire-attack-chain/}, language = {English}, urldate = {2021-06-16} } New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain
NetWire RC
2020-04-28YoroiAntonio Pirozzi, Luigi Martire, Pierluigi Paganini
@online{pirozzi:20200428:outlaw:e4da556, author = {Antonio Pirozzi and Luigi Martire and Pierluigi Paganini}, title = {{Outlaw is Back, a New Crypto-Botnet Targets European Organizations}}, date = {2020-04-28}, organization = {Yoroi}, url = {https://yoroi.company/research/outlaw-is-back-a-new-crypto-botnet-targets-european-organizations/}, language = {English}, urldate = {2021-06-16} } Outlaw is Back, a New Crypto-Botnet Targets European Organizations
Cpuminer PerlBot
2020-03-19YoroiMarco Ramilli
@online{ramilli:20200319:is:bc75e96, author = {Marco Ramilli}, title = {{Is APT 27 Abusing COVID-19 To Attack People ?!}}, date = {2020-03-19}, organization = {Yoroi}, url = {https://marcoramilli.com/2020/03/19/is-apt27-abusing-covid-19-to-attack-people/}, language = {English}, urldate = {2020-05-02} } Is APT 27 Abusing COVID-19 To Attack People ?!
2020-03-02YoroiZLAB-Yoroi
@online{zlabyoroi:20200302:karkoff:a43fe0f, author = {ZLAB-Yoroi}, title = {{Karkoff 2020: a new APT34 espionage operation involves Lebanon Government}}, date = {2020-03-02}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/karkoff-2020-a-new-apt34-espionage-operation-involves-lebanon-government/}, language = {English}, urldate = {2020-03-03} } Karkoff 2020: a new APT34 espionage operation involves Lebanon Government
Karkoff
2020-02-21YoroiLuigi Martire, Pietro Melillo, Antonio Pirozzi
@online{martire:20200221:transparent:eb18469, author = {Luigi Martire and Pietro Melillo and Antonio Pirozzi}, title = {{Transparent Tribe: Four Years Later}}, date = {2020-02-21}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/transparent-tribe-four-years-later}, language = {English}, urldate = {2020-03-06} } Transparent Tribe: Four Years Later
Crimson RAT
2020-02-19YoroiMarco Ramilli
@online{ramilli:20200219:uncovering:4f04cd0, author = {Marco Ramilli}, title = {{Uncovering New Magecart Implant Attacking eCommerce}}, date = {2020-02-19}, organization = {Yoroi}, url = {https://marcoramilli.com/2020/02/19/uncovering-new-magecart-implant-attacking-ecommerce/}, language = {English}, urldate = {2020-02-20} } Uncovering New Magecart Implant Attacking eCommerce
magecart
2020-02-17YoroiYoroi
@online{yoroi:20200217:cyberwarfare:5b28cf2, author = {Yoroi}, title = {{Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign}}, date = {2020-02-17}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/cyberwarfare-a-deep-dive-into-the-latest-gamaredon-espionage-campaign/}, language = {English}, urldate = {2020-02-20} } Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign
Pteranodon
2020-01-27YoroiLuigi Martire, Luca Mella
@online{martire:20200127:aggah:9ed3380, author = {Luigi Martire and Luca Mella}, title = {{Aggah: How to run a botnet without renting a Server (for more than a year)}}, date = {2020-01-27}, organization = {Yoroi}, url = {https://yoroi.company/research/aggah-how-to-run-a-botnet-without-renting-a-server-for-more-than-a-year/}, language = {English}, urldate = {2021-06-16} } Aggah: How to run a botnet without renting a Server (for more than a year)
LokiBot Azorult
2020-01-14YoroiYoroi
@online{yoroi:20200114:analysis:d5eb291, author = {Yoroi}, title = {{Analysis Run}}, date = {2020-01-14}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d77b371ef016089703d1a/5e1d79d7d1cc4993da62f24f/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
BitPyLock
2019-12-27YoroiYoroi
@online{yoroi:20191227:analysis:51fe39c, author = {Yoroi}, title = {{Analysis Run}}, date = {2019-12-27}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d7b06c21640608183de58/5e1d7b09d1cc4993da62f261/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
Yarraq
2019-12-20YoroiAntonio Farina, Luca Mella, Antonio Pirozzi
@online{farina:20191220:unveiling:0abaa1d, author = {Antonio Farina and Luca Mella and Antonio Pirozzi}, title = {{Unveiling JsOutProx: A New Enterprise Grade Implant}}, date = {2019-12-20}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/unveiling-jsoutprox-a-new-enterprise-grade-implant/}, language = {English}, urldate = {2021-06-16} } Unveiling JsOutProx: A New Enterprise Grade Implant
JSOutProx