Collaborate Disseminate
Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker. Continue reading Russian-Speaking Turla Joins APT Elite
Moonlight Maze is the stuff of cyberespionage legend. In 1996, in the infancy of the Internet, someone was rummaging through military, research, and university networks primarily in the United States, stealing sensitive information on a massive scale. To say that this historic threat actor is directly related to the modern day Turla would elevate an already formidable modern day attacker to another league altogether. Continue reading Penquin’s Moonlit Maze
A new, unique JavaScript payload is now being used by Turla in targeted attacks. This new payload, dubbed KopiLuwak, is being delivered using embedded macros within Office documents. Continue reading KopiLuwak: A New JavaScript Payload from Turla
Investigators continue to focus on attack attribution, but Kaspersky researchers speaking at CanSecWest 2016 caution that attackers are manipulating data used to tie attacks to perpetrators. Continue reading APT Attackers Flying More False Flags Than Ever