ABSTRACT: Log stealers are a type of malware that steals user credentials from a compromised computer. Criminals deliver stealers through a cracked version of software, causing the user to install them without even realizing it. They can recover usernames and passwords saved in browsers, as well as personal data, cookies, and system information. Logs stolen in this way are then offered for sale in various deep and dark web marketplaces. With our OSINT and CTI platform SATAYO, we monitor any evidence related to our customers to protect and safeguard their business perimeter. BIO #1: I am Mirko, a Technical Consultant at Würth Phoenix. I work in the Cyber Security Team together with Francesco, but we usually handle different things. I'm mainly part of the Blue Team where I develop procedures, documentation, and features for our SOC. I also analyze multiple interesting pieces of evidence and have a lot of fun :) BIO #2: I'm Francesco and I'm currently working as a technical consultant at Würth Phoenix with Mirko. Here I mainly develop the Cyber Threat Intelligence platform SATAYO, my "little child" - even if it's not so little anymore - but I also analyze the evidence found and help the customers understand and mitigate them.