#Turla

@matricedigitale.bsky.social

3 months ago

Tomiris espande nel 2025 il proprio arsenale con impianti multi-linguaggio, C2 su Telegram e Discord, framework Havoc e AdaptixC2 e targeting diplomatico.

#AdaptixC2 #Havoc #Telegram #Tomiris #Turla
www.matricedigitale.it/2025/12/01/t...

clibm079

@clibm079.bsky.social

4 months ago

🚨 2025.05 RESEARCH
Static Analysis of Turla’s Uroboros: Revealing Core Tactics and Technical Mindset
🔗malwareanalysisspace.blogspot.com/2025/05/static-analysis-...
#Turla #Uroboros #kernel #rootkit #CoreTactics #TechnicalMindset

GetNews.me

@getnews-me.bsky.social

5 months ago

ESET reveals Turla and Gamaredon collaboration

ESET reports FSB‑linked groups Turla and Gamaredon coordinated in Ukraine, with Gamaredon deploying Ptero tools while Turla installed Kazuar v3 on compromised machines during four incidents in February. Read more: getnews.me/eset-reveals-turla-and-g... #turla #gamaredon

Ars Technica News

@arstechni.ca

5 months ago

Two of the Kremlin’s most active hack groups are collaborating, ESET says https://arstechni.ca #advancedpersistentthreat #gamaredon #Security #Biz&IT #russia #turla #APT

Linux-Maintainers

@linux-maintainers.activitypub.awakari.com.ap.brid.gy

5 months ago

Two of the Kremlin’s most active hack groups are collaborating, ESET says Turla is getting a helping hand from Gamaredon. Both are units of Russia's FSB. Two of the Kremlin’s most active ha...

#Biz #& #IT #Security #advanced #persistent #threat #APT […]

[Original post on arstechnica.com]

The Daily Tech Feed

@thedailytechfeed.com

5 months ago

Russian hacking groups Gamaredon and Turla collaborate to deploy Kazuar backdoor in Ukraine, marking a significant escalation in coordinated cyber operations. #CyberSecurity #Ukraine #Gamaredon #Turla Link: thedailytechfeed.com/russian-cybe...

The Daily Tech Feed

@thedailytechfeed.com

5 months ago

Russian cyber groups Turla and Gamaredon collaborate in targeted attacks on Ukraine, deploying sophisticated malware to compromise sensitive systems. #CyberSecurity #Ukraine #Turla #Gamaredon Link: thedailytechfeed.com/collaboratio...

@matricedigitale.bsky.social

5 months ago

Gamaredon e Turla cooperano in Ucraina: PteroGraphin riavvia Kazuar, accesso massivo e impianto selettivo elevano il rischio per reti governative.

#ESET #evidenza #fsb #Gamaredon #Kazuar #PteroGraphin #turla #ucraina
www.matricedigitale.it/2025/09/19/g...

Mathew J Schwartz

@mathewjschwartz.bsky.social

7 months ago

Russia Uses ISPs to Spy on Diplomats, Warns Microsoft Russian intelligence since 2024 has been using their country's internet service providers to run adversary-in-the-middle attacks designed to infect diplomats inside

Russia uses domestic ISPs to spy on diplomats, warns Microsoft
www.databreachtoday.com/russia-uses-... #SecretBlizzard #Turla

Winbuzzer

@winbuzzer.com

7 months ago

Microsoft: Russian State Hackers Are Spying on Embassies via ISP-Level Attacks

#CyberSecurity #Russia #Microsoft #Hacking #FSB #Turla #ThreatIntel

winbuzzer.com/2025/07/31/m...

Mr.Pink

@mstapink.bsky.social

8 months ago

More work on the grunt
#halo #fanart #grunt #spv3 #legacies #halolegacies #turla #turtle #wip #characterart

キタきつね

@kitafox.bsky.social

1 year ago

Russia's Secret Blizzard APT targets Ukraine with Kazuar backdoor Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor.

ロシアの秘密のブリザードAPTがKazuarバックドアでウクライナを標的に

Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor #SecurityAffairs (Sec 12)

#シークレットブリザード #Turla #ウクライナ軍 #サイバー攻撃 #マルウェア

SOC Prime

@socprime.com

1 year ago

Secret Blizzard Attack Detection: The russia-Linked APT Group Targets Ukraine via Amadey Malware to Deploy the Updated Kazuar Backdoor Version - SOC Prime Detect Secret Blizzard APT attacks targeting Ukraine via Amadey malware to deploy KazuarV2 backdoor with Sigma rules from SOC Prime Platform.

russia-backed #SecretBlizzard (aka #Turla) APT group leverages offensive tools and infrastructure of other hacking collectives to target Ukraine with KazuarV2 backdoor. Detect associated malicious activity with #Sigma rules.
socprime.com/blog/secret-...

#cybersecurity #infosec

キタきつね

@kitafox.bsky.social

1 year ago

For Russian spies, existing cybercrime tools become avenues into Ukrainian military devices A Kremlin-backed group tracked as Secret Blizzard or Turla recently used existing cybercrime infrastructure for an espionage campaign aimed at Ukrainian military devices.

ロシアのスパイにとって、既存のサイバー犯罪ツールはウクライナの軍事装置への侵入経路となる

For Russian spies, existing cybercrime tools become avenues into Ukrainian military devices #TheRecord (Dec 12)

#シークレットブリザード #Turla #ウクライナ軍 #サイバー攻撃 #マルウェア

CyberScoop

@cyberscoop.bsky.social

1 year ago

Turla living off other cybercriminals’ tools in order to attack Ukrainian targets Russian-linked threat actors Turla have been observed using cybercriminal tools to penetrate Ukrainian military networks.

#Turla living off other cybercriminals’ tools in order to attack #Ukrainian targets cyberscoop.com/turla-levera...

CyberWatchers

@cyberwatchers.bsky.social

1 year ago

Russia's Secret Blizzard APT targets Ukraine with Kazuar backdoor Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor.

Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. #Turla, #Snake, #Uroburos
securityaffairs.com/171896/apt/s...

キタきつね

@kitafox.bsky.social

1 year ago

Russian cyber spies hide behind other hackers to target Ukraine Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors' infrastructure to target Ukrainian military devices connected via Starlink.

ロシアのサイバースパイが他のハッカーの背後に隠れてウクライナを狙う

Russian cyber spies hide behind other hackers to target Ukraine #BleepingComputer (Dec 11)

#Turla #シークレットブリザード #ウクライナ #サイバー諜報 #マルウェア

Nicolas Caproni

@caproni.fr

1 year ago

Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine | Microsoft Security Blog Since January 2024, Microsoft has observed Secret Blizzard using the tools or infrastructure of other threat groups to attack targets in Ukraine and download its custom backdoors Tavdig and KazuarV2.

🇷🇺 Frequent freeloader part II: Russian actor Secret Blizzard (aka #Turla) using tools of other groups to attack Ukraine

Knut Frode Pettersson

@furode.bsky.social

1 year ago

Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security Blog Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indi...

More on the same #cybersecurity topic.

#VenomousBear #SecretBlizzard #Turla

www.microsoft.com/en-us/securi...

曖昧ナ犬

@aimainainnu.bsky.social

1 year ago

ロシア関連APTグループTurla、パキスタングループのサーバー利用しアフガンおよびインドの標的を狙う | Codebook｜Security News ロシア関連APTグループTurla、パキスタングループのサーバー利用しアフガンおよびインドの標的を狙う｜米保険大手UnitedHealthcare社CEO、NYで射殺される

#ロシア 関連 #APTグループ #Turla ､ #パキスタン グループのサーバー利用し #アフガン および #インド の標的を狙う | Codebook｜Security News
Black Lotus Labsによれば、同研究チームが2022年12月に初めて観測した攻撃 ... インテリジェンス要件定義に関するガイドブック：『要件主導型インテリジェンス ...
codebook.machinarecord.com/threatreport...

kladblokje_88

@verysecret.agency

1 year ago

Advisory: Turla group exploits Iranian APT to expand coverage of victims A joint report from the NCSC and NSA highlighting Turla activity

I was talking to a colleague about that #turla breach of #sidecopy that was released by Lumen and MSTIC.

He reminded me of something that seems to be a trend among this group. They did similar things to #oilrig in 2019

www.ncsc.gov.uk/news/turla-g...

shramanack

@shramanack.bsky.social

1 year ago

Not So False Flag: the Adversary of my Adversary is my … -> www.conquer-your-risk.com/2024/12/05/n...

#cyber #threatintel #falseflag #malware #turla #apt28 #lazarus #apt34 #counterintelligence #deception

キタきつね

@kitafox.bsky.social

1 year ago

Russian hackers hijack Pakistani hackers' servers for their own attacks The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised…

ロシアのハッカーがパキスタンのハッカーのサーバーを乗っ取り、自らの攻撃に利用

Russian hackers hijack Pakistani hackers' servers for their own attacks #BleepingComputer (Dec 4)

#サイバー諜報 #Turla #Storm-0156 #インフラ乗っ取り #ロシア連邦保安庁

uRi

@usabach.leftodon.social.ap.brid.gy

1 year ago

זה באמת סיפור נחמד: קבוצת התקיפה הרוסית #Turla השתלטה על רשת של קבוצת תקיפה פקיסטנית (Storm-0156), והשתמשה בתשתית שלה כדי להפיץ רושעות, רוגלות ושאר קוקיות משל עצמה לקורבנות בהודו, אפגניסטאן.
blog.lumen.com/snowblind-the-invisible-...
#AttributionWars #Cyber

Nicolas Caproni

@caproni.fr

1 year ago

Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security Blog Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and…

How 🇷🇺 #Turla used the infrastructure of 🇵🇰 #APT36 to install backdoors and collect intelligence on targets of interest in South Asia.

CyberScoop

@cyberscoop.bsky.social

1 year ago

Russian-linked Turla caught using Pakistani APT infrastructure for espionage A Russian cyber-espionage group has been caught using networks associated with a Pakistani-based APT group.

Russian-linked #Turla caught using #Pakistani #APT #infrastructure for #espionage. Both Microsoft and Lumen’s BlackLotus Labs found Turla #spying on #Afghanistan and #India via Pakistani infrastructure. via @gregotto.bsky.social cyberscoop.com/turla-infilt...