en
GET A CONSULTATION
DPRK-NEXUS Adversary Targets South Korean Individuals in a New Chapter of Kitty Phishing Operations
DPRK-NEXUS Adversary Targets South Korean Individuals in a New Chapter of Kitty Phishing Operations
April 11, 2022

The research team at Cluster25 traced a recent activity that started in the first days of April 2022 from a DPRK-nexus t...

Read this article

Ghostwriter / UNC1151 Adopts Microbackdoor Variants in Cyber Operations Against Ukraine
Ghostwriter / UNC1151 Adopts Microbackdoor Variants in Cyber Operations Against Ukraine
March 8, 2022

For a few months Cluster25 collected and analyzed several malicious activities which then were internally linked with th...

Read this article

RuRAT used in spear-phishing attacks against media organisations in United States
RuRAT used in spear-phishing attacks against media organisations in United States
March 3, 2022

INTRODUCTION On 23.02.2022 one of our partners received a very specific targeted spear-phishing email message which lead...

Read this article

Conti's Source Code: Deep Dive
Conti's Source Code: Deep Dive
March 2, 2022

 INTRODUCTION On 25.02.2022 cybercrime group Conti published the following statement on their shame blog:   The post was...

Read this article

Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)
Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)
February 24, 2022

Very recently a new type of destructive malware named by the security community “HermeticWiper” was used to attack organ...

Read this article

2021 Ransomware Bulletin: Recent, Past and Near Future of Cyber Extortion
2021 Ransomware Bulletin: Recent, Past and Near Future of Cyber Extortion
January 12, 2022

This past year 2021 was characterized by an increase in ransomware incidents, not only in regards to occurrence but also...

Read this article

North Korean Group “KONNI” Targets the Russian Diplomatic Sector with new Versions of Malware Implants
North Korean Group “KONNI” Targets the Russian Diplomatic Sector with new Versions of Malware Implants
January 3, 2022

Cluster25 analyzed a recent attack linked to the North Korean APT group “Konni” targeting Russian diplomatic sector usin...

Read this article

Dharma/Crysis: Overview and Adversary Tracking
Dharma/Crysis: Overview and Adversary Tracking
September 17, 2021

Dharma, a family of ransomware first spotted in 2016, is a malicious program that encrypts a victim’s files and takes as...

Read this article

A RattleSnake in the Navy
A RattleSnake in the Navy
September 10, 2021

Recent geopolitical events are leading to an increase in cyber operations in the Central Asian region. Among the actors ...

Read this article

A not so Fancy game. Exploring the new “SkinnyBoy” Bear’s backdoor
A not so Fancy game. Exploring the new “SkinnyBoy” Bear’s backdoor
June 3, 2021

This paper presents an analysis of a new and never publicly reported malware internally dubbed as SkinnyBoy. Based on lo...

Read this article

Prev 1 2 3 Next
Categories
Popular Posts
In the footsteps of the Fancy Bea...
September 23, 2022
Sanctioned deals: the Irano-Russi...
November 7, 2022
Erbium InfoStealer Enters the Sce...
September 15, 2022