TURLA LIGHTNEURON One email away from remote code execution

May 7, 2019

Turla, also known as Snake, is one of oldest, still-active cyberespionage groups, with more than a decade of experience. Its operators mainly focus on high-profile targets such as governments and diplomatic entities in Europe, Central Asia and the Middle East. They are known for having breached major organizations such as the US Department of Defense in 2008 and the Swiss defense company RUAG in 2014. More recently, several European countries including France and the Czech Republic went public to denounce Turla’s attacks against their governments.

Spotlight

Mosaic451

Mosaic451 provides bespoke cyber operations, analysis, and critical infrastructure defense for high-risk, high-threat, complex and regulated (SOX, PCI, HIPAA, CIP, etc.) organizations in energy, finance, global distribution, government, healthcare, technology, and transportation. We protect complicated data and distribution systems, including water, hydro-electric, generation capacity, and transportation for tens of millions of Americans across the United States. We protect two of Southern California’s most prestigious healthcare systems; 31 hydro projects on the Columbia river basin alone; airports that serve over 90M passengers a year; and nuclear power plants in multiple states. Our operations methodology and leadership were forged in fire. Our team is drawn from the vanguard of US Military and Federal civilian cyber leadership, include the initial cadre of course developers for the USAF’s most prestigious cyber training program, the Cyber Warfare Operations Weapons Instructor

OTHER WHITEPAPERS
news image

Recommended Criteria for Cybersecurity Labeling of Consumer Software

whitePaper | February 4, 2022

Software is an integral part of life for the modern consumer. Nevertheless, most consumers take for granted and are unaware of the software upon which many products and services rely. From the consumer’s perspective, the very notion of what constitutes software may even be unclear. While enabling many benefits to consumers, that software that is, software normally used for personal, family, or household purposes can also have cybersecurity flaws or vulnerabilities which can directly affect safety, property, and productivity.

Read More
news image

Prevent Advanced Insider Threats With IBM Security Solutions

whitePaper | October 22, 2021

Are you confident that only the right people are getting access to your sensitive business assets? Organizations have to be concerned about privileged insiders compromising security and about outsiders posing as authorized users but who really aren't. Putting effective defenses into place, as a result, requires organizations to look both ways.

Read More
news image

The Definitive WFH Security Checklist: 10 Easy Steps to Safer Remote Access

whitePaper | September 15, 2022

Providing secure, fast remote access is a top priority as the modern workforce has become predominantly remote. Working from home (WFH) or outside the office was once a choice or a stopgap measure, but today, it’s critical for business agility.

Read More
news image

A Lifeline: Patient Safety and Cybersecurity

whitePaper | December 3, 2019

Healthcare information is unique and personal to us all.Indeed,the patient is at the center of healthcare, as it would not exist if the patient did not exist. Bits and bytes in today’s digital world have real significance when it come to patient care lives are on the line.

Read More
news image

Cross-Generational Security Of Mobile Telephony

whitePaper | August 4, 2022

Abstract— With the recent roll-outs of 5G networks and the rise of phones supporting the standard, it’s critical to examine the technical underpinnings of 5G system security. The fifth generation of 3GPP (3rd Generation Partnership Project) mobile telephony, the lack of understanding, outright hostility, and general confusion surrounding this roll-out is unmatched in the history of mobility. We aim to alleviate much of the confusion and hostility by providing an overarching description and security document.

Read More
news image

The Cyber Resilience Blueprint: A New Perspective on Security

whitePaper | December 15, 2019

In this sophisticated threat environment, traditional security tactics are failing. Symantec encourages organizations to revisit their security posture to build a more cyber resilient enterprise. Resilience is not defined by a series of checklists, but through evaluations based on the current threat environment and the acceptable risk level for the organization.

Read More

Spotlight

Mosaic451

Mosaic451 provides bespoke cyber operations, analysis, and critical infrastructure defense for high-risk, high-threat, complex and regulated (SOX, PCI, HIPAA, CIP, etc.) organizations in energy, finance, global distribution, government, healthcare, technology, and transportation. We protect complicated data and distribution systems, including water, hydro-electric, generation capacity, and transportation for tens of millions of Americans across the United States. We protect two of Southern California’s most prestigious healthcare systems; 31 hydro projects on the Columbia river basin alone; airports that serve over 90M passengers a year; and nuclear power plants in multiple states. Our operations methodology and leadership were forged in fire. Our team is drawn from the vanguard of US Military and Federal civilian cyber leadership, include the initial cadre of course developers for the USAF’s most prestigious cyber training program, the Cyber Warfare Operations Weapons Instructor

Events