Dutch security firm Hunt & Hackett disclosed a recent cyber espionage campaign by Sea Turtle, a Turkiye-associated threat actor, targeting telecommunication, media, internet service providers (ISPs), IT-service providers, and Kurdish websites in the Netherlands. The attack aimed to gather politically motivated information, specifically targeting personal data on minority groups and potential political dissidents within these sectors. The campaign exploited vulnerable infrastructure susceptible to supply chain and island-hopping attacks.

Sea Turtle, also known as Cosmic Wolf, Marbled Dust, Teal Kurma, and UNC1326, has a history documented by Cisco Talos since April 2019, focusing on state-sponsored attacks across the Middle East and North Africa. The group primarily used DNS hijacking to redirect domain queries to actor-controlled servers, allowing the harvesting of credentials. Notably, Talos observed that Sea Turtle posed a greater threat than DNSpionage because of its aggressive approach in targeting various DNS registrars and registries.

Further insights from PricewaterhouseCoopers (PwC) Threat Intelligence highlighted Sea Turtle's use of a Linux/Unix reverse TCP shell, known as SnappyTCP, during attacks between 20. Microsoft's late 2021 observations revealed the group's intelligence gathering strategy, targeting telecom and IT companies in countries such as Armenia, Cyprus, Greece, Iraq, and Syria, exploiting known vulnerabilities to establish footholds for future attacks.