Russian APT, Microsoft SMB Vulnerability, Virgin Media Data Leak, and More - Weekly Threat Briefing
Get COVID-19 Cyber Security Resources Learn More

Weekly Threat Briefing: Russian APT, Microsoft SMB Vulnerability, Virgin Media Data Leak, and More

March 17, 2020 | Anomali Threat Research Team

The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, Turla, Data leak, NSO, CVE, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.

Observed Threats

Additional information regarding the threats discussed in this week's Weekly Threat Briefing can be found below:

Turla

The Advanced Persistent Threat (APT) group “Turla” is believed to be a Russian based group that has been active since at least 2007. Turla conducts cyber espionage against government entities around the world. The group is connected to the “Epic” cyber espionage campaign that targets government agencies around the globe, and is also connected to the Agent.btz worm that infected the network of the U.S. Department of Justice in 2008.

Anomali Threat Research Team
About the Author

Anomali Threat Research Team

Subscribe to the Anomali Newsletter—get the latest Anomali updates and cybersecurity news straight to your inbox each month.

Subscribe Now