Threat Update: Turla Group Malware Targets UK
November 30, 2017
New intelligence is available from the United Kingdom's National Cyber Security Centre (NCSC) on two tools used by the Turla group to target the UK, known as Neuron and Nautilus.
The malware, often used in conjunction with the Snake rootkit, could allow attackers to gain remote access to and control of the target environments. The report, available here, contains indicators of compromise and signatures that will enable the information security community to search for and identify the intrusions on their networks.
As more signatures become available, ensure that your anti-virus systems are up to date. Herjavec Group recommends checking for the presence of these malicious tools, regardless of whether or not you have been compromised by the Turla group in the past.
For more information please connect with a Herjavec Group security specialist.
Herjavec Group circulates US – CERT advisories as this notification warrants attention and may have significance to your Enterprise network environment. If the following advisory is applicable to your environment, Herjavec Group recommends your IT team review the technical details included and monitor your environment for any susceptible systems. Herjavec Group’s analysts are working with applicable vendor partners to apply detection and mitigation strategies where appropriate. For Managed Services customers, our Managed Services team will engage with the appropriate technical contacts in your respective organizations directly to provide alerts, escalations, actions and or reports based our service agreement with you. If you have questions or concerns, please engage your Herjavec Group account representative directly or contact Herjavec Group.
About Herjavec Group
Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. Herjavec Group delivers SOC 2 Type 2 certified managed security services supported by state-of-the-art, PCI compliant, Security Operations Centers, operated 24/7/365 by certified security professionals. This expertise is coupled with leadership positions across a wide range of functions including consulting, professional services & incident response. Herjavec Group has offices globally including across the United States, the United Kingdom, and Canada. For more information, visit www.herjavecgroup.com.