National Security Agency, NCSC Publish Advisory on Russian Government-Associated Threat

October 30, 2019

The US’s National Security Agency (NSA) and UK’s National Cyber Security Centre (NCSC) released a joint Cybersecurity Advisory detailing the activities of the Russian government-associated advanced persistent threat (APT) Turla group, also known as Uroburos, Waterbug, or VENOMOUS BEAR.

According to the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC), the advisory provides an update to previous NCSC reports of the group’s use of Iranian APT tools, such as Neuron and Nautilus, in their cyber operations against military establishments, government departments, universities, and scientific organizations, mainly in the Middle East.

Since November 2017, the NCSC has identified a new version of the Neuron malware. The new version has been modified to evade previous detection methods, says the NCSC. "Neuron operates on Microsoft Windows platforms, primarily targeting mail servers and web servers. The NCSC has observed this tool being used by the Turla group to maintain persistent network access and to conduct network operations. The compile times contained within these new binaries show that the actor implemented the required modifications to Neuron approximately five days after public releases by the NCSC and other vendors."

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

National Security Agency, NCSC Publish Advisory on Russian Government-Associated Threat

Related Articles

Related Events

Report Abusive Comment