Skip to main content
← All Articles

Tag

#Turla

5 articles

Advertisement

TH
CRITICAL
Threat Intel

Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit

Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

Runtime Rebel Intel
13 min read·Jun 26, 2026
TH
CRITICAL
Threat Intel

Turla APT Deploys StockStay Backdoor in Ukraine Espionage Campaign

Russian APT Turla targets Ukrainian government and military entities with the custom StockStay backdoor for persistent access and cyber espionage.

Runtime Rebel Intel
3 min read·Jun 26, 2026
Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations
CRITICAL
Threat Intel

Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations

Google identifies STOCKSTAY, a new .NET backdoor by Russian actor Turla targeting Ukrainian military and Italian foreign policy interests via Windows systems.

Runtime Rebel Intel
3 min read·Jun 26, 2026
TH
HIGH
Threat Intel

Turla Updates Kazuar Backdoor with Modular P2P Botnet Capabilities

Russian threat actor Turla (Secret Blizzard) has upgraded its Kazuar backdoor with peer-to-peer botnet functionality and modular architecture for stealth.

Runtime Rebel Intel
4 min read·May 16, 2026
Turla Updates Kazuar Backdoor into Modular P2P Botnet for Persistence
HIGH
Threat Intel

Turla Updates Kazuar Backdoor into Modular P2P Botnet for Persistence

Russian threat actor Turla has evolved the Kazuar backdoor into a peer-to-peer botnet, enhancing stealth and resilience against command-and-control takedowns.

Runtime Rebel Intel
4 min read·May 15, 2026