Cluster25 joins the VirusTotal community
Cluster25 joins the VirusTotal community
March 16, 2023

  We are proud to announce that Cluster25 has joined the VirusTotal community, improving its website/domain scanning eng...

An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
December 22, 2022

  Cluster25 researchers analyzed several campaigns (also publicly reported by CERT-AGID) that used phishing emails to sp...

Erbium InfoStealer Enters the Scene: Characteristics and Origins
Erbium InfoStealer Enters the Scene: Characteristics and Origins
September 15, 2022

On the 21st of July 2022 on a DWW (Deep/Dark Web) forum, a Russian speaking threat actor created an announcement about t...

LockBit 3.0: “Making the ransomware great again”
LockBit 3.0: “Making the ransomware great again”
July 6, 2022

LockBit is a major player in the ransomware scene and has contributed heavily for this cyber-crime model to become one o...

Cyberwarfare targeting the energy sector. Is Europe under threat?
Cyberwarfare targeting the energy sector. Is Europe under threat?
May 27, 2022

The energy sector is a pivotal one for the whole contemporary economy. A disrupt of its functions could cause huge probl...

The Lotus Panda is Awake Again: Analysis of the Last Strike
The Lotus Panda is Awake Again: Analysis of the Last Strike
April 29, 2022

NAIKON is the name of an APT (Advanced Persistent Threat) which is believed to originate from China. The Naikon hacker g...