Blog


malware + APT + Intelligence Cluster25 / May 13, 2022

Cozy Smuggled Into the Box: APT29 Abusing Legitimate Software for Targeted Operations in Europe

Cozy Bear (aka Nobelium, APT29, The Dukes) is a well-resourced, highly dedicated and organized cyberespionage group that is believed to have worked in support of the decision-making process of the Russian government since at least 2008. Nobelium primarily targets western governments and related organizations, with a particular focus on government, diplomat, political ...

Intelligence + malware Cluster25 / March 2, 2022

CONTI’S SOURCE CODE: DEEP-DIVE INTO

INTRODUCTION On 25.02.2022 the cybercrime group Conti published the following statement on their shame blog: The post was redacted several hours later and replaced with another one in more neutral tones, condemning the war and dissociating the group from the government while still emphasizing sentiments against the West. The post retained its threats of ...

APT Cluster25 / February 24, 2022

Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)

Very recently, a new type of destructive malware, named “HermeticWiper” by the security community, was used to attack organizations and entities in Ukraine shortly before Russia began military operations against that country. HermeticWiper is an executable file signed with a likely stolen certificate issued to Hermetica Digital Ltd. It ...