Russian-Linked Group Using Secondary Backdoor Against Targets

By Scott Ferguson
Bank Info Security
 6 days ago

A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed from the infrastructure, according to a research report released by Cisco Talos this week. The newly discovered backdoor, which...

ZDNet

Turla hacking group launches new backdoor in attacks against US, Afghanistan

The Turla hacking group is back with new weaponry, recently used in attacks against the US, Germany, and Afghanistan. On Tuesday, Cisco Talos said that the advanced persistent threat (APT) group, Russian in origin, has developed a new backdoor for persistence and stealth. Dubbed TinyTurla, the previously unknown backdoor is...
Bank Info Security

Russians Prevent Mēris Botnet From Hijacking 45,000 Devices

Following the massive DDoS attacks on Russian search engine Yandex, Russian cybersecurity firm Rostelecom-Solar claims it has stopped what it believes to be the Mēris botnet from wreaking further havoc by foiling its attempt to take over 45,000 new devices. Rostelecom is a Russian digital services provider with a separate...
Bank Info Security

Ransomware Updates: Conti Attacks Rise, New Players Surface

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. In this report, you'll hear ISMG's Mathew Schwartz detail how the U.S. government...
HackRead

Hackers hit Russian ministry, rocket center using MSHTML vulnerability

A Microsoft Office zero-day, also dubbed the MSHTML attack, has been exploited to target the Russian government, including the Interior Ministry and the State Rocket Center. The Malwarebytes Intelligence team reports that the MSHTML vulnerability, classified as CVE-2021-40444, has become the focus of threat actors targeting Russian government entities. Malwarebytes researchers intercepted phishing email attachments revealing that attackers...
Bank Info Security

Ransomware Patch or Perish: Attackers Exploit ColdFusion

For battling ransomware, experts advise security teams to keep current on how attackers have been hacking their latest victims. In particular, they need to learn from attacks that target other organizations in their sector, and apply this knowledge to ensure they have the right defenses in place to avoid becoming an attacker's next victim.
Bank Info Security

Conti Ransomware Attacks Surging, US Government Warns

The U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware, and is urging organizations to ensure they have robust defenses in place. A joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency warns that Conti has so far successfully hit more than 400 organizations based in the U.S. and abroad.
