We are proud to announce that Cluster25 has joined the VirusTotal community, improving its website/domain scanning eng...
Cluster25 researchers analyzed several campaigns (also publicly reported by CERT-AGID) that used phishing emails to sp...
On October 22nd, during the usual OSInt monitoring, Cluster25 detected the Farsi speaking hacktivist TA known as Black...
Cluster25 researchers collected and analyzed a lure document used to implant a variant of Graphite malware, uniquely lin...
On the 21st of July 2022 on a DWW (Deep/Dark Web) forum, a Russian speaking threat actor created an announcement about t...
LockBit is a major player in the ransomware scene and has contributed heavily for this cyber-crime model to become one o...
Cozy Bear (aka Nobelium, APT29, The Dukes) is a well-resourced, highly dedicated and organized cyberespionage group that...
NOTICE: After additional reviews, the team at Cluster25 has determined that the code commonality identified in the two a...
For a few months Cluster25 collected and analyzed several malicious activities which then were internally linked with th...
INTRODUCTION On 23.02.2022 one of our partners received a very specific targeted spear-phishing email message which lead...