Researchers uncover maze of hidden backdoors in European embassy and ministry systems

A series of covert backdoor implants were secretly installed over the last year on dozens of computers used by embassies and foreign ministries across Southeast Europe and former Soviet states, according to new research published by cybersecurity firm ESET. The malicious software was sent to victims through targeted phishing emails and allowed a skilled group of hackers to remotely spy on foreign government officials and collect intelligence. Some cybersecurity firms believe the hacking group exposed by ESET, known as Turla, is connected to Russian intelligence services. The backdoor used by Turla has been codenamed Gazer. ESET describes Gazer as a stealthy and complex hacking tool that is difficult to detect. The implant receives encrypted code from an external server, which can execute commands either directly through the infected machine or via another computer on a shared network. In addition, ESET found evidence that Turla leverages a virtual file system […]

The post Researchers uncover maze of hidden backdoors in European embassy and ministry systems appeared first on Cyberscoop.


Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. It is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private report. Like previous Turla activity, WhiteBear leverages compromised websites and hijacked satellite connections for command and control (C2) infrastructure.

New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies

Researchers uncover the activities of the notorious Turla cyberespionage group, and specifically a previously undocumented backdoor that has been used to spy on consulates and embassies worldwide.
Read more in my article on the We Live Security blog.

Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity

Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.


APT Trends report Q2 2017

Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors.

Snake malware ported from Windows to Mac

Snake, also known as Turla and Uroburos, is backdoor malware that has been around and infecting Windows systems since at least 2008. It is thought to be Russian governmental malware and on Windows is highly sophisticated. It was even seen infecting Li…

Ransomware, Cyberespionage Dominate Verizon DBIR

Verizon’s Data Breach Investigations Report for 2017 shows big growth in the reported number of ransomware attacks and incidents involving cyberespionage.