Turla Archives - Page 2 of 3 - Security Affairs

Pierluigi Paganini February 15, 2020

The cyber attack against Austria’s foreign ministry has ended

Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried by a state actor has ended. Earlier January, Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state actor. “Due to the gravity and nature of the attack, it cannot be ruled out […]

Pierluigi Paganini October 21, 2019

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

A joint UK and US investigation has revealed that the Russian cyber espionage group Turla carried out cyber attacks masqueraded as Iranian hackers. According to the Financial Times, a joint UK and US investigation revealed that Russia-linked cyberespionage group Turla conducted several cyber attacks in more than 35 countries masqueraded as Iranian hackers. The use […]

Pierluigi Paganini June 21, 2019

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Russia-Linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Russia-linked Turla cyberspies used a new set of tools in new attacks and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Recent campaigns demonstrate that Turla continues to evolve its arsenal and adopt news […]

Pierluigi Paganini June 02, 2019

ESET analyzes Turla APT’s usage of weaponized PowerShell

Turla, the Russia-linked cyberespionage group, is weaponizing PowerShell scripts and is using them in attacks against EU diplomats. Turla (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON), the Russia-linked APT group, is using weaponized PowerShell scripts in attacks aimed at EU diplomats. Turla group has been active since at least 2007 targeting government organizations and […]

Pierluigi Paganini May 07, 2019

LightNeuron, a Turla’s backdoor used to compromise exchange mail servers

Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Turla group (also known as Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting government […]

Pierluigi Paganini October 08, 2018

Kaspersky shed lights on the overlap of operations conducted by Turla and Sofacy

Researchers from Kaspersky Lab collected evidence that demonstrates overlaps between the activity of Russian APT groups Turla and Sofacy. In March, during the Kaspersky Security Analyst Summit held in Cancun, Kurt Baumgartner, Kaspersky principal security researcher, revealed the activity associated with Sofacy APT group appears to overlap with campaigns conducted by other cyber espionage groups. Baumgartner […]

Pierluigi Paganini August 23, 2018

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Malware researchers from ESET have published a detailed report on the latest variant of the Turla backdoor that leverages email PDF attachments as C&C. Malware researchers from ESET have conducted a new analysis of a backdoor used by the Russia-linked APT Turla in targeted espionage operations. The new analysis revealed a list of high-profile victims that was […]

Pierluigi Paganini May 23, 2018

Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaign

Security experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as […]

Pierluigi Paganini June 08, 2017

Turla APT malware now retrieves C&C address from Instagram comments

A malicious code used by Turla APT in a recent campaign leverages comments posted to Instagram to obtain the address of the command and control servers. Malware researchers at security firm ESET have spotted a new piece of malware used by Turla APT in cyber attacks. The malicious code leverages comments posted to Instagram to obtain […]

Pierluigi Paganini May 10, 2017

Microsoft Patch Tuesday updates for May 2017 fix Zero Days exploited by Russian APT groups

Microsoft Patch Tuesday for May 2017 address tens security vulnerabilities, including a number of zero-day flaws exploited by Russian APT groups. Microsoft Patch Tuesday updates for May 2017 fix more than 50 security flaws, including a number of zero-day vulnerabilities exploited by Russian APT groups. Microsoft released security updates for Windows, Internet Explorer, Edge, Office, […]

Turla

The cyber attack against Austria’s foreign ministry has ended

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

ESET analyzes Turla APT’s usage of weaponized PowerShell

LightNeuron, a Turla’s backdoor used to compromise exchange mail servers

Kaspersky shed lights on the overlap of operations conducted by Turla and Sofacy

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaign

Turla APT malware now retrieves C&C address from Instagram comments

Microsoft Patch Tuesday updates for May 2017 fix Zero Days exploited by Russian APT groups

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Interlock ransomware group deploys new PHP-based RAT via FileFix

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

Experts uncover critical flaws in Kigen eSIM technology affecting billions

Spain awarded €12.3 million in contracts to Huawei

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

QUICK LINKS

Turla

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!