en
GET A CONSULTATION
CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations
CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations
October 12, 2023

Cluster25 observed and analyzed several phishing-based attacks to be linked to a Russia-nexus nation-State threat actor....

Read this article

Cybersecurity Risks and Challenges in the Chemical Industry
Cybersecurity Risks and Challenges in the Chemical Industry
April 12, 2023

Cybersecurity is a critical concept to take into consideration in the chemical sector given the potential consequences a...

Read this article

Sanctioned deals: the Irano-Russian connection under Ankara's supervision. Analysis of the NPPD leak
Sanctioned deals: the Irano-Russian connection under Ankara's supervision. Analysis of the NPPD leak
November 7, 2022

On October 22nd, during the usual OSInt monitoring, Cluster25 detected the Farsi speaking hacktivist TA known as Black R...

Read this article

In the footsteps of the Fancy Bear: PowerPoint mouse-over event abused to deliver Graphite implants
In the footsteps of the Fancy Bear: PowerPoint mouse-over event abused to deliver Graphite implants
September 23, 2022

Cluster25 researchers collected and analyzed a lure document used to implant a variant of Graphite malware, uniquely lin...

Read this article

Cozy Smuggled Into the Box: APT29 Abusing Legitimate Software for Targeted Operations in Europe
Cozy Smuggled Into the Box: APT29 Abusing Legitimate Software for Targeted Operations in Europe
May 13, 2022

Cozy Bear (aka Nobelium, APT29, The Dukes) is a well-resourced, highly dedicated and organized cyberespionage group that...

Read this article

The strange link between a destructive malware and a ransomware-gang linked custom loader: IsaacWiper vs Vatet
The strange link between a destructive malware and a ransomware-gang linked custom loader: IsaacWiper vs Vatet
May 3, 2022

NOTICE: After additional reviews, the team at Cluster25 has determined that the code commonality identified in the two a...

Read this article

The Lotus Panda is Awake Again: Analysis of the Last Strike
The Lotus Panda is Awake Again: Analysis of the Last Strike
April 29, 2022

NAIKON is the name of an APT (Advanced Persistent Threat) which is believed to originate from China. The Naikon hacker g...

Read this article

DPRK-NEXUS Adversary Targets South Korean Individuals in a New Chapter of Kitty Phishing Operations
DPRK-NEXUS Adversary Targets South Korean Individuals in a New Chapter of Kitty Phishing Operations
April 11, 2022

The research team at Cluster25 traced a recent activity that started in the first days of April 2022 from a DPRK-nexus t...

Read this article

Ghostwriter / UNC1151 Adopts Microbackdoor Variants in Cyber Operations Against Ukraine
Ghostwriter / UNC1151 Adopts Microbackdoor Variants in Cyber Operations Against Ukraine
March 8, 2022

For a few months Cluster25 collected and analyzed several malicious activities which then were internally linked with th...

Read this article

Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)
Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)
February 24, 2022

Very recently a new type of destructive malware named by the security community “HermeticWiper” was used to attack organ...

Read this article

Prev 1 2 Next
Categories
Popular Posts
CVE-2023-38831 Exploited by Pro-R...
October 12, 2023
The Duck is Hiring in Italy: DUCK...
October 25, 2023
The Fraud Gala: Exploring a Recen...
August 25, 2023