Uhkametsä

22: Turla

Jouni Mikkola & Juuso Myllylä Episode 22

Uhkametsällä perehdytään pahamaineiseen Turla APT ryhmään perusteellisesti. Jaksossa käsitellään Turlan historiaa nykypäivään asti. Tarkastetaan myös lopuksi viimeaikaiset trendit haittaohjelmissa.

Lähteet:
https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-russian-apt-group-turla-has-hit-45-countries-since-2004/
https://attack.mitre.org/groups/G0010/
https://securelist.com/the-epic-turla-operation/65545/
https://exatrack.com/public/Tricephalic_Hellkeeper.pdf
https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf
https://www.cfr.org/cyber-operations/agentbtz
https://www.latimes.com/archives/la-xpm-2008-nov-28-na-cyberattack28-story.html
https://paper.bobylive.com/Security/APT_Report/A_Threat_Actor_Encyclopedia.pdf
https://www.kaspersky.com/blog/moonlight-maze-the-lessons/6713/
https://dmfrsecurity.com/2022/01/15/100-days-of-yara-day-27-loki2/
http://phrack.org/issues/49/6.html
http://phrack.org/issues/51/6.html
https://securelist.com/penquins-moonlit-maze/77883/
https://securelist.com/agent-btz-a-source-of-inspiration/58551/
http://blog.threatexpert.com/2008/11/agentbtz-threat-that-hit-pentagon.html
https://www.mtvuutiset.fi/artikkeli/mtv3-suomen-ulkoministerio-laajan-verkkovakoilun-kohteena-vuosia/2369718
https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2014/08/20082353/GData_Uroburos_RedPaper_EN_v1.pdf
https://www.govcert.ch/downloads/whitepapers/Report_Ruag-Espionage-Case.pdf
https://www.telsy.com/following-the-turlas-skipper-over-the-ocean-of-cyber-operations/
https://yle.fi/a/3-8591548
https://www.welivesecurity.com/2017/03/30/carbon-paper-peering-turlas-second-stage-backdoor/
https://cyberscoop.com/gazer-backdoor-turla-eset-2017/
https://blogs.blackberry.com/en/2017/06/this-week-in-security-6-09-2017
https://www.proofpoint.com/us/threat-insight/post/turla-apt-actor-refreshes-kopiluwak-javascript-backdoor-use-g20-themed-attack
https://www.welivesecurity.com/2018/05/22/turla-mosquito-shift-towards-generic-tools/
https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/
https://www.theregister.com/2019/10/21/british_spies_russia_faking_iranian_hack/
https://www.mandiant.com/resources/blog/turla-galaxy-opportunity
https://techcrunch.com/2023/05/10/turla-snake-malware-network-russia-fsb/
https://securelist.com/sunburst-backdoor-kazuar/99981/  

Instagram: https://www.instagram.com/uhkametsa/
Linkedin: https://www.linkedin.com/company/uhkametsa/

People on this episode