sandworm (3)

9621446463?profile=RESIZE_400xA Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed from the infrastructure, according to a research report released by Cisco Talos this week.

The newly discovered backdoor, which the researchers call "TinyTurla," has been deployed against targets in the U.S. and Germany over the last two years. More recently, however, Turla has used

8574928466?profile=RESIZE_400xActivity Summary - Week Ending 19 February 2021:

  • VW Jetta Headlights VACAR-CN
  • Cheyenne Cloud Shards & C2 Compromise
  • Red Sky Alliance identified 37,941 connections from new unique IP addresses
  • Analysts identified 2,217 new IP addresses participating in various Botnets
  • Bazar/Team9 and MS
  • TX Wind Power Turbines Freeze
  • France and the Sandworm Group
  • Norway Oil worker’s Strike Averted
  • Major Oil find offshore in South Africa, Looks to Govt for Approval

Link to full article:  IR-21-050-001_Energy_050F

8083672063?profile=RESIZE_400xAlmost five years ago, the Russian hackers known as Sandworm hit western Ukraine with the first-ever cyberattack to cause a blackout.  A never-before-seen act of cyber warfare that turned out the lights for over 250,000 Ukrainians.  Since then, Sandworm has perpetrated countless destructive attacks; another blackout on the Ukrainian capital of Kyiv, the release of the NotPetya worm in 2017 that spread globally and eventually caused $10 billion in damage, and an attack that temporarily crippled t