In December 2023, a new backdoor dubbed TinyTurla-NG was deployed by the Russia-affiliated threat actor Turla as part of a three-month campaign targeting Polish non-governmental organizations (NGOs). The threat actor utilized malicious PowerShell scripts hosted on various websites, exploiting vulnerable versions of WordPress for their C2 operations.
Get through updates and upcoming events, and more directly in your inbox