‘Security researchers have found links between the attackers and #Turla, a sophisticated team suspected of operating out of Moscow’s #FSB intelligence agency.’
“…believe the SolarWinds #hackers and #Turla aren't one and the same. But … one #hacker group at the very least ‘inspired’ the other, and they may have common members between them or a shared #software developer building their #malware.”
“… That actually makes the connection more significant … ‘It’s more like handwriting. That handwriting or style propagates to different projects written by the same person.’”
“…Barring the improbable scenario that the SolarWinds hackers saw an earlier version of the #Kazuar malware that no one else in the cybersecurity industry spotted, that suggests #Turla & SolarWinds hackers are instead using tools that are part of the same chain of development.”
“#Turla (aka #VenomousBear and #Waterbug) has been coordinating information theft and espionage campaigns as far back as 1996 & is the main suspect behind attacks targeting the Pentagon and NASA, the U.S. Central Command, & the Finnish Foreign Ministry.”
“The #Russian (specifically APT28, APT29, and #Turla) and North Korean (specifically Lazarus) threat actors are considered to be the most advanced groups of all due to their capability of using custom toolsets, adopting the latest attack techniques, & …”
#Turla “is reported to be part of Russia’s #FSB (formerly KGB) and has carried out a series of operations targeting government and military agencies in at least 35 countries since 2008”
“…It is also not the first time the group has used legitimate tools and services as part of its malicious infrastructure.
In December 2020, security firm ESET uncovered a #cyberespionage campaign by #Turla that deployed a #backdoor called "#Crutch" that used Dropbox resources”
“The malware was serious business, Cyber Command officials said…& likely already had been used to target embassies, foreign affairs ministries & other targets in eastern Europe and central Asia. It was believed to be used to steal sensitive documents…”
“…from infected systems and execute its own programs…
U.S. intelligence agencies have repeatedly identified Russia and Russian-aligned agents as the source of hacking operations around the world, and the [U.S.] has levied or threatened sanctions to try to deter such attacks.”
"'The #APT customers, #Turla, APT28, and Buhtrap, are all commonly linked to Russia and it is interesting to find that even these advanced groups purchase exploits from exploit authors, instead of developing them in-house,’ the researchers say.”
“The #cyber-intrusions are especially directed at those that focus on international affairs or national security policy … perhaps unsurprisingly, given the geopolitical nature of #APTs, which tend to be backed by nation-states.”
“… #Turla, another Russian #APT, was attacking think-tanks & others by exploiting enterprise-friendly platforms — most notably Microsoft Exchange, Outlook Web Access and Outlook on the Web – in order to steal business credentials & other sensitive data.”
SolarWinds “is a perfect example of a state or state-sponsored actor turning their resources to cyberattack. Unlike typical cybercriminals, threats at this level have almost unlimited resources and target virtually anything that may forward their agenda.”
“#Turla has also been known to use satellite-based Internet connections to cover its tracks. … researchers observed Turla using what was then a zero-day vulnerability in Windows to infiltrate European government and military computers.”
board member, founder, shareholder Positive Technologies company
“born in the city of Fryazino of the Moscow region. Graduated from physical faculty of Lomonosov Moscow State University (MSU) & a postgraduate study of MSU.”
“…Together with Dmitry #Maximov and Evgeny #Kireev worked on creation of the first versions of the intelligent XSpider scanner, popular development of Positive Technologies company, was an initiator of creation and took active part in formation of a system of…MaxPatrol.”
“From 966 onwards, the dukes of Normandy followed by the French kings, supported the development of a major Benedictine abbey on Mont-Saint-Michel. Magnificent monastic buildings were added throughout the Middle Ages, one vertiginous wing in particular…”
“Perched on a rocky islet in the midst of vast sandbanks exposed to powerful tides between Normandy and Brittany stand the 'Wonder of the West', a Gothic-style Benedictine abbey dedicated to the archangel St Michael, and the village that grew up in …”
“#Mastriano has appeared on Tucker Carlson, C-Span, numerous national radio programs (John Batchelor Show, Eric Metaxas Show) & on Fox Business with Stuart Varney. He retired from the U.S. Army in November 2017 after 30 years of active duty as a Colonel”
‘Erik Prince Recruits Ex-Spies to Help Infiltrate Liberal Groups’
‘Mr. Prince, a contractor close to the Trump administration, contacted veteran spies for operations by Project #Veritas, the conservative group known for …’
‘… known for conducting stings on news organizations and other groups.’
“occasionally using Mr. #Seddon to make the pitch — Mr. Prince said he wanted the Project #Veritas employees to learn skills like how to recruit sources and how to conduct clandestine recordings”
‘Ex-Spy Was Central to Project #Veritas Hiring Effort, Testimony Shows’
‘A British former intelligence officer was said to have recruited and interviewed potential hires as the conservative group sought to have former spies train employees.’
“The Logan Circle Group is headed by Harlan #Hill, another Trump advocate, who was banned last fall from appearing on…Fox News … after he tweeted that Vice President ‘Kamala Harris comes off as such an insufferable lying b----. Sorry, it's just true.’”
‘Gaetz-tied group threatens to sue reporters writing on his Trump relationship’
‘The Logan Circle Group warned journalists they risked a lawsuit if they didn’t retract reports that Trump was distancing himself from the embattled congressman.’
“… The official behind the recent legal threats is Erin #Elmore, a colleague of #Hill’s at the Washington-based consulting firm and a Season 3 contestant on ‘The Apprentice.’”