Security News

Russia-Linked Turla Cyberspies Add More Malware to Arsenal
2020-03-12 18:40

The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. Also known as Waterbug, KRYPTON, Snake, and Venomous Bear, and active for more than a decade, Turla is known for the targeting of various diplomatic and military organizations, with a focus on NATO and Commonwealth of Independent States nations.

Turla Teardown: Why Attribute Nation-State Attacks?
2019-10-30 16:48

Unmasked: Russians Hijacked Iranian Attack Infrastructure and MalwareRussian attack group Turla has been named and shamed for hijacking Iranian nation-state attackers' infrastructure. The aim of...

Turla Compromises, Infiltrates Iranian APT Infrastructure
2019-10-21 17:52

The Russian-speaking APT stole the Neuron and Nautilus implants and accessed the Iranian APT's C2 infrastructure.

Iran? More like Ivan: Brit and US spies say they can see through Turla hacking group's facade
2019-10-21 10:06

Russian-backed cell's Middle East campaign pretended to be of a Persian persuasion British and US spies have blamed Russian hacker group Turla for masquerading as Iranian hackers to launch recent...

Turla APT Returns with New Malware, Anti-Censorship Angle
2019-07-15 20:55

A dropper called “Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.

Turla Uses Sophisticated Backdoor to Hijack Exchange Mail Servers
2019-05-07 13:36

The Russia-linked threat group known as Turla has been using a sophisticated backdoor to hijack Microsoft Exchange mail servers, ESET reported on Tuesday. read more

Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
2018-10-04 19:14

Russian-speaking Turla has also racked up more victims in its latest APT campaign.

Turla Backdoor Controlled via Email Attachments
2018-08-23 17:53

ESET security researchers have analyzed a new backdoor used by the Russian-speaking advanced persistent threat (APT) group known as Turla. read more

Researchers Link New "Gazer" Backdoor to Turla Cyberspies (Security Week)
2017-08-31 12:13

Gazer/WhiteBear is Sophisticated Malware That Has Been Used Against High-profile Targets Security researchers and ESET and Kaspersky Lab have unveiled details on a new backdoor used by the...

Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies (Threatpost)
2017-08-30 19:18

The Turla APT's WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and South America during most of 2016.