Security News

The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. Also known as Waterbug, KRYPTON, Snake, and Venomous Bear, and active for more than a decade, Turla is known for the targeting of various diplomatic and military organizations, with a focus on NATO and Commonwealth of Independent States nations.

Unmasked: Russians Hijacked Iranian Attack Infrastructure and MalwareRussian attack group Turla has been named and shamed for hijacking Iranian nation-state attackers' infrastructure. The aim of...

The Russian-speaking APT stole the Neuron and Nautilus implants and accessed the Iranian APT's C2 infrastructure.

Russian-backed cell's Middle East campaign pretended to be of a Persian persuasion British and US spies have blamed Russian hacker group Turla for masquerading as Iranian hackers to launch recent...

A dropper called “Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.

The Russia-linked threat group known as Turla has been using a sophisticated backdoor to hijack Microsoft Exchange mail servers, ESET reported on Tuesday. read more

Russian-speaking Turla has also racked up more victims in its latest APT campaign.

ESET security researchers have analyzed a new backdoor used by the Russian-speaking advanced persistent threat (APT) group known as Turla. read more

Gazer/WhiteBear is Sophisticated Malware That Has Been Used Against High-profile Targets Security researchers and ESET and Kaspersky Lab have unveiled details on a new backdoor used by the...

The Turla APT's WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and South America during most of 2016.