Updated Kazuar backdoor deployed by Turla hacking group

3 November 2023

Attacks with an updated Kazuar second-stage payload with improved stealth and detection evasion capabilities have been launched by Russian state-backed hacking group Turla, also known as Pensive Ursa, according to The Hacker News. Aside from including sophisticated anti-analysis techniques and more robust obfuscation, Kazuar has also been improved to support 19 more features since its emergence in 2017, including those enabling extensive system profiling, credential exfiltration, file manipulation, data gathering, and arbitrary command execution, a report from Palo Alto Networks’ Unit 42 revealed.

Source: SC Magazine

Date:

3 November 2023

Categorie(s):

NEWS

Tag(s):

IT, News, Turla

Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024
End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box5 May 2024
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024