satellite-turla-apt-command-and-control-in-the-sky

Satellite Turla: APT Command and Control in the Sky

When you are an APT group, you need to deal with the constant seizure and takedown of C&C domains and servers. Some of the most advanced threat actors have found a solution — the use of satellite-based Internet links. In the past, we’ve seen three different actors using such links to mask their operations. The most interesting and unusual of them is the Turla group. Read Full Article

the-epic-turla-operation

The Epic Turla Operation

Over the last 10 months, we have analyzed a massive cyber-espionage operation which we call “Epic Turla”. The attackers have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies. We observed exploits against older (patched) vulnerabilities, social engineering techniques and watering hole strategies. Read Full Article

ksb-threat-predictions-for-2018

Kaspersky Security Bulletin: Threat Predictions for 2018

Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what were once theoretical problems find palpable expression in reality. On the other hand, as people with a heightened concern for the security posture of users at large, each event is a bigger catastrophe. Read Full Article

it-threat-evolution-q3-2017

IT threat evolution Q3 2017

Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article

introducing-whitebear

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. It is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private report. Like previous Turla activity, WhiteBear leverages compromised websites and hijacked satellite connections for command and control (C2) infrastructure. Read Full Article

apt-trends-report-q2-2017

APT Trends report Q2 2017

Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide-range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors. Read Full Article