• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Over 100 Dell models exposed to critical ControlVault3 firmware bugs

 | 

How CTEM Boosts Visibility and Shrinks Attack Surfaces in Hybrid and Cloud Environments

 | 

WhatsApp cracks down on 6.8M scam accounts in global takedown

 | 

Trend Micro fixes two actively exploited Apex One RCE flaws

 | 

U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog

 | 

Google fixed two Qualcomm bugs that were actively exploited in the wild

 | 

Zero Day Quest returns: Microsoft ups the stakes with $5M bug bounty

 | 

Cisco disclosed a CRM data breach via vishing attack

 | 

Exposed Without a Breach: The Cost of Data Blindness

 | 

SonicWall investigates possible zero-day amid Akira ransomware surge

 | 

Chaining NVIDIA's Triton Server flaws exposes AI systems to remote takeover

 | 

Hacking group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer

 | 

Northwest Radiologists data breach hits 350,000 in Washington

 | 

PlayPraetor Android RAT expands rapidly across Spanish and French-speaking regions

 | 

Lovense flaws expose emails and allow account takeover

 | 

Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024

 | 

Akira Ransomware targets SonicWall VPNs in likely zero-day attacks

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 56

 | 

Security Affairs newsletter Round 535 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

New Linux backdoor Plague bypasses auth via malicious PAM module

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me

Turla

Pierluigi Paganini February 15, 2020
The cyber attack against Austria’s foreign ministry has ended

Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried by a state actor has ended. Earlier January, Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state actor. “Due to the gravity and nature of the attack, it cannot be ruled out […]

Pierluigi Paganini October 21, 2019
UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

A joint UK and US investigation has revealed that the Russian cyber espionage group Turla carried out cyber attacks masqueraded as Iranian hackers. According to the Financial Times, a joint UK and US investigation revealed that Russia-linked cyberespionage group Turla conducted several cyber attacks in more than 35 countries masqueraded as Iranian hackers. The use […]

Pierluigi Paganini June 21, 2019
Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Russia-Linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Russia-linked Turla cyberspies used a new set of tools in new attacks and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Recent campaigns demonstrate that Turla continues to evolve its arsenal and adopt news […]

Pierluigi Paganini June 02, 2019
ESET analyzes Turla APT’s usage of weaponized PowerShell

Turla, the Russia-linked cyberespionage group, is weaponizing PowerShell scripts and is using them in attacks against EU diplomats. Turla (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON), the Russia-linked APT group, is using weaponized PowerShell scripts in attacks aimed at EU diplomats. Turla group has been active since at least 2007 targeting government organizations and […]

Pierluigi Paganini May 07, 2019
LightNeuron, a Turla’s backdoor used to compromise exchange mail servers

Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Turla group (also known as Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting government […]

Pierluigi Paganini October 08, 2018
Kaspersky shed lights on the overlap of operations conducted by Turla and Sofacy

Researchers from Kaspersky Lab collected evidence that demonstrates overlaps between the activity of Russian APT groups Turla and Sofacy.  In March, during the Kaspersky Security Analyst Summit held in Cancun, Kurt Baumgartner, Kaspersky principal security researcher, revealed the activity associated with Sofacy APT group appears to overlap with campaigns conducted by other cyber espionage groups. Baumgartner […]

Pierluigi Paganini August 23, 2018
Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Malware researchers from ESET have published a detailed report on the latest variant of the Turla backdoor that leverages email PDF attachments as C&C. Malware researchers from ESET have conducted a new analysis of a backdoor used by the Russia-linked APT Turla in targeted espionage operations. The new analysis revealed a list of high-profile victims that was […]

Pierluigi Paganini May 23, 2018
Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaign

Security experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as […]

Pierluigi Paganini June 08, 2017
Turla APT malware now retrieves C&C address from Instagram comments

A malicious code used by Turla APT in a recent campaign leverages comments posted to Instagram to obtain the address of the command and control servers. Malware researchers at security firm ESET have spotted a new piece of malware used by Turla APT  in cyber attacks. The malicious code leverages comments posted to Instagram to obtain […]

Pierluigi Paganini May 10, 2017
Microsoft Patch Tuesday updates for May 2017 fix Zero Days exploited by Russian APT groups

Microsoft Patch Tuesday for May 2017 address tens security vulnerabilities, including a number of zero-day flaws exploited by Russian APT groups. Microsoft Patch Tuesday updates for May 2017 fix more than 50 security flaws, including a number of zero-day vulnerabilities exploited by Russian APT groups. Microsoft released security updates for Windows, Internet Explorer, Edge, Office, […]

  • 1
  • 2
  • 3

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Over 100 Dell models exposed to critical ControlVault3 firmware bugs

    Hacking / August 07, 2025

    How CTEM Boosts Visibility and Shrinks Attack Surfaces in Hybrid and Cloud Environments

    Security / August 07, 2025

    WhatsApp cracks down on 6.8M scam accounts in global takedown

    Cyber Crime / August 06, 2025

    Trend Micro fixes two actively exploited Apex One RCE flaws

    Hacking / August 06, 2025

    U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog

    Security / August 06, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT