The research team at Cluster25 traced a recent activity that started in the first days of April 2022 from a DPRK-nexus t...
For a few months Cluster25 collected and analyzed several malicious activities which then were internally linked with th...
INTRODUCTION On 23.02.2022 one of our partners received a very specific targeted spear-phishing email message which lead...
INTRODUCTION On 25.02.2022 cybercrime group Conti published the following statement on their shame blog: The post was...
Very recently a new type of destructive malware named by the security community “HermeticWiper” was used to attack organ...
This past year 2021 was characterized by an increase in ransomware incidents, not only in regards to occurrence but also...
Cluster25 analyzed a recent attack linked to the North Korean APT group “Konni” targeting Russian diplomatic sector usin...
Dharma, a family of ransomware first spotted in 2016, is a malicious program that encrypts a victim’s files and takes as...
Recent geopolitical events are leading to an increase in cyber operations in the Central Asian region. Among the actors ...
This paper presents an analysis of a new and never publicly reported malware internally dubbed as SkinnyBoy. Based on lo...