#turla — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #turla, aggregated by home.social.
-
EU, UK sanction Russian cyberespionage networks over destructive attacks
European governments sanctioned Russian individuals and organizations Monday over what they said was a years-long campaign of cyberespionage…
#Europe #EU #Austria #cyberespionage #Cyprus #Energy #EuropeanUnion #Finland #fsb #Germany #gru #lummastealer #Netherlands #Poland #Romania #Russia #secretblizzard #Slovakia #turla #unitedkingdom(u.k.)
https://www.europesays.com/europe/93170/ -
EU, UK sanction Russian cyberespionage networks over destructive attacks
European governments sanctioned Russian individuals and organizations Monday over what they said was a years-long campaign of cyberespionage…
#EuropeSays #Russia #Austria #cyberespionage #Cyprus #Energy #EuropeanUnion #Finland #FSB #Germany #gru #lummastealer #Netherlands #Poland #Romania #secretblizzard #Slovakia #turla #unitedkingdom(u.k.)
https://www.europesays.com/russia/39406/ -
EU, UK sanction Russian cyberespionage networks over destructive attacks https://www.byteseu.com/2192247/ #Austria #cyberespionage #Cyprus #Energy #EuropeanUnion #Finland #FSB #Germany #GreatBritain #GRU #LummaStealer #Netherlands #Poland #Romania #Russia #SecretBlizzard #Slovakia #turla #UnitedKingdom #UnitedKingdom(uK)
-
EU sanktioniert Russland wegen schwerer Cyberangriffe und Sabotage
EU sanktioniert Russland wegen schwerer Cyberangriffe und Sabotage Der Europäische Rat hat am Montag eine scharfe Rüge gegen…
#EuropeSays #EU #Europa #Cybercrime #EuropäischeUnion #FSB #GRU #Hacktivismus #Industriespionage #Iran #IT #Netzpolitik #NotPetya #Russland #Security #Turla #Ukraine-Krieg
https://www.europesays.com/europa/67583/ -
STOCKSTAY Another Day: The Latest Addition to Turla’s Intelligence Gathering Apparatus
Google Threat Intelligence Group has identified STOCKSTAY, a .NET backdoor continuously developed and deployed by Russia-linked Turla (FSB Center 16) since December 2022. The multi-component malware communicates via secure WebSocket connections and targets government and military organizations in Ukraine, as well as entities interested in Italian foreign policy. STOCKSTAY shares significant code overlaps with KAZUAR, particularly the K1MORPHER obfuscation mechanism. The threat actor employs academic and diplomatic lures, malicious RDP files, and compromised Ukrainian infrastructure for deployment. STOCKSTAY demonstrates environmental keying for configuration protection and operates at multiple operational stages. The malware's modular architecture separates C2 communication, task orchestration, and execution into distinct components, mirroring KAZUAR's design philosophy and indicating shared development resources within Turla's cyber espionage arsenal.
Pulse ID: 6a3db99d3f27ba984f5154ff
Pulse Link: https://otx.alienvault.com/pulse/6a3db99d3f27ba984f5154ff
Pulse Author: AlienVault
Created: 2026-06-25 23:28:29Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #Espionage #Google #Government #InfoSec #Italian #Kazuar #Malware #Military #NET #OTX #OpenThreatExchange #RAT #RCE #RDP #Russia #Turla #UK #Ukr #Ukraine #Ukrainian #bot #AlienVault
-
STOCKSTAY Another Day: The Latest Addition to Turla’s Intelligence Gathering Apparatus
Google Threat Intelligence Group has identified STOCKSTAY, a .NET backdoor continuously developed and deployed by Russia-linked Turla (FSB Center 16) since December 2022. The multi-component malware communicates via secure WebSocket connections and targets government and military organizations in Ukraine, as well as entities interested in Italian foreign policy. STOCKSTAY shares significant code overlaps with KAZUAR, particularly the K1MORPHER obfuscation mechanism. The threat actor employs academic and diplomatic lures, malicious RDP files, and compromised Ukrainian infrastructure for deployment. STOCKSTAY demonstrates environmental keying for configuration protection and operates at multiple operational stages. The malware's modular architecture separates C2 communication, task orchestration, and execution into distinct components, mirroring KAZUAR's design philosophy and indicating shared development resources within Turla's cyber espionage arsenal.
Pulse ID: 6a3db99d3f27ba984f5154ff
Pulse Link: https://otx.alienvault.com/pulse/6a3db99d3f27ba984f5154ff
Pulse Author: AlienVault
Created: 2026-06-25 23:28:29Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #Espionage #Google #Government #InfoSec #Italian #Kazuar #Malware #Military #NET #OTX #OpenThreatExchange #RAT #RCE #RDP #Russia #Turla #UK #Ukr #Ukraine #Ukrainian #bot #AlienVault
-
📰 Russian APT Turla Evolves Kazuar Backdoor into Stealthy P2P Botnet
🇷🇺 Russian APT Turla has upgraded its Kazuar backdoor into a modular P2P botnet. The new architecture enhances stealth and resilience, making it harder to detect and disrupt. The focus remains on long-term espionage. #Turla #APT #Kazuar #CyberSecur...
🌐 cyber[.]netsecops[.]io
-
Kazuar si evolve: Secret Blizzard (Turla) trasforma il suo backdoor storico in una botnet P2P modulare invisibile
Il gruppo russo Secret Blizzard (Turla/FSB) ha trasformato il malware Kazuar in una botnet peer-to-peer con tre moduli distinti (Kernel, Bridge, Worker) e 150 parametri di configurazione. La nuova architettura usa un sistema di elezione del leader per ridurre al minimo il traffico verso i server C2, rendendo il rilevamento estremamente difficile. Obiettivi: governi, ambasciate e settore difesa in Europa e Ucraina. -
Kazuar si evolve: Secret Blizzard (Turla) trasforma il suo backdoor storico in una botnet P2P modulare invisibile
Il gruppo russo Secret Blizzard (Turla/FSB) ha trasformato il malware Kazuar in una botnet peer-to-peer con tre moduli distinti (Kernel, Bridge, Worker) e 150 parametri di configurazione. La nuova architettura usa un sistema di elezione del leader per ridurre al minimo il traffico verso i server C2, rendendo il rilevamento estremamente difficile. Obiettivi: governi, ambasciate e settore difesa in Europa e Ucraina. -
Turla Upgrades Kazuar Backdoor to Modular P2P Botnet
Microsoft's Threat Intelligence team has uncovered a significant upgrade to the Kazuar backdoor by the notorious Russian state-sponsored group Turla, now a modular P2P botnet designed for long-term intelligence collection. This move enables Turla to maintain a persistent grip on compromised systems.
-
Pelmeni Wrapper: New Wrapper of Kazuar (Turla Backdoor)
A new malware sample used in targeted campaigns by the Turla APT group has been analyzed. The malware employs a new wrapper, dubbed Pelmeni, to deploy the Kazuar backdoor. Differences in exfiltration methods and logging from previous versions of Kazuar were identified.
Pulse ID: 65d5c00be70d5ee9ef2c57ce
Pulse Link: https://otx.alienvault.com/pulse/65d5c00be70d5ee9ef2c57ce
Pulse Author: AlienVault
Created: 2024-02-21 09:19:07Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#OTX #OpenThreatExchange #InfoSec #bot #CyberSecurity #Malware #BackDoor #RAT #Turla #Kazuar #AlienVault
-
APT Turla обновила обновила свои бэкдоры HyperStack, Kazuar и Carbon #APT, #Turla, #HyperStack, #Kazuar, #Carbon, #Accenture https://www.securitylab.ru/news/513523.php https://twitter.com/SecurityLabnews/status/1321810277571137536/photo/1