National Cyber Awareness System:
release date: October 21, 2019
The National Security Agency (NSA) and the United Kingdom National Cyber
Security Centre (NCSC) have released a joint
advisory on advanced persistent threat (APT) group Turla—widely reported to
be Russian. The advisory provides an update to NCSC’s January 2018
report on Turla’s use of the malicious Neuron, Nautilus, and Snake tools to
steal sensitive data. Additionally, the advisory states that Turla has
compromised—and is currently leveraging—an Iranian APT group’s infrastructure
and resources, which include the Neuron and Nautilus tools.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users
and administrators to review the following resources for more information:
• NSA Advisory Turla
Group Exploits Iranian APT To Expand Coverage Of Victims
• UK NCSC Advisory Turla
group exploits Iranian APT to expand coverage of victims
• January 2018 UK NCSC Report Turla Group Malware