"Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor"

The Russian-linked "Turla" Advanced Persistent Threat (APT) group has been using PDF and MSBuild project files to deliver the "TinyTurla" backdoor as a fileless payload. Researchers consider the campaign's seamless delivery a sophisticated advancement. Cyble Researchers and Intelligence Labs (CRIL) found the campaign, which uses emails with documents offering human rights seminar invitations or public advisories to infect users with TinyTurla. To lure victims, attackers also impersonate legitimate authorities. This article continues to discuss findings regarding the threat campaign aimed at infecting victims with the TinyTurla backdoor. 

Dark Reading reports "Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor"

Submitted by grigby1