General

APT + malware + Intelligence | Cluster25 / May 13, 2022

Cozy Smuggled Into the Box: APT29 Abusing Legitimate Software for Targeted Operations in Europe

Cozy Bear (aka Nobelium, APT29, The Dukes) is a well-resourced, highly dedicated and organized cyberespionage group that is believed to have worked in support of the decision-making process of the Russian government since at least 2008. Nobelium primarily targets western governments and related organizations, with a particular focus on government, diplomat, political ...

APT | Cluster25 / February 24, 2022

Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)

Very recently, a new type of destructive malware, named “HermeticWiper” by the security community, was used to attack organizations and entities in Ukraine shortly before Russia began military operations against the same country. HermeticWiper is an executable file signed with a likely stolen certificate issued to Hermetica Digital Ltd. It ...

APT + Intelligence | Cluster25 / September 10, 2021

A RattleSnake in the Navy

Recent geopolitical events are leading to an increase in cyber operations in the Central Asian region. Among the actors involved in these activities there are certainly those believed to be close to the Indian government, such as RattleSnake. It is probably currently engaged in supporting a policy of raising the ...