https://blog.talosintelligence.com/tinyturla-next-generationhttps://blog.talosintelligence.com/tinyturla

Cyble's publication is a resource for cybersecurity professionals and businesses seeking to stay ahead of evolving cyber threats. Through detailed analysis of threat intelligence, cybersecurity trends, and real-world cyber incidents, Cyble provides  insights into emerging threats, cyber attack tactics, and risk mitigation strategies. Readers can learn about threat detection methodologies, vulnerability assessment techniques, incident response protocols, and compliance standards to enhance their cybersecurity posture. Additionally, Cyble offers expert commentary, best practices, and actionable recommendations to help organizations protect their digital assets, safeguard sensitive data, and maintain business continuity in the face of cyber threats.

Cyble

A campaign utilizing malicious LNK files is observed, targeting individuals with a background or interest in human rights issues. The attackers use MSBuild to deliver a stealthy, fileless backdoor payload, which enables them to execute commands and take control of infected systems. The campaign is attributed to the Turla APT group from Russia.

Tiny BackDoor Goes Undetected – Suspected Turla leveraging MSBuild to Evade detection

Threat Actor Attribution to Turla APT Group