Original release date: October 21, 2019
The National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC) have released a joint advisory on advanced persistent threat (APT) group Turla—widely reported to be Russian. The advisory provides an update to NCSC’s January 2018 report on Turla’s use of the malicious Neuron, Nautilus, and Snake tools to steal sensitive data. Additionally, the advisory states that Turla has compromised—and is currently leveraging—an Iranian APT group’s infrastructure and resources, which include the Neuron and Nautilus tools.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information:
• NSA Advisory Turla Group Exploits Iranian APT To Expand Coverage Of Victims
• UK NCSC Advisory Turla group exploits Iranian APT to expand coverage of victims
• January 2018 UK NCSC Report Turla Group Malware
This product is provided subject to this Notification and this Privacy & Use policy.
CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
Update (07/24/2025): CISA continues to update reporting on this ongoing activity, as threat actor tactics,…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide…
CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide…
This website uses cookies.