We are proud to announce that Cluster25 has joined the VirusTotal community, improving its website/domain scanning eng...
Cluster25 researchers analyzed several campaigns (also publicly reported by CERT-AGID) that used phishing emails to sp...
On October 22nd, during the usual OSInt monitoring, Cluster25 detected the Farsi speaking hacktivist TA known as Black...
Cluster25 researchers collected and analyzed a lure document used to implant a variant of Graphite malware, uniquely lin...
On the 21st of July 2022 on a DWW (Deep/Dark Web) forum, a Russian speaking threat actor created an announcement about t...
LockBit is a major player in the ransomware scene and has contributed heavily for this cyber-crime model to become one o...
Cozy Bear (aka Nobelium, APT29, The Dukes) is a well-resourced, highly dedicated and organized cyberespionage group that...
NOTICE: After additional reviews, the team at Cluster25 has determined that the code commonality identified in the two a...
NAIKON is the name of an APT (Advanced Persistent Threat) which is believed to originate from China. The Naikon hacker g...
The research team at Cluster25 traced a recent activity that started in the first days of April 2022 from a DPRK-nexus t...