Lucene search
K

9 matches found

The Hacker News
The Hacker News
added 2025/12/01 5:7 a.m.4 views

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. "These attacks highlight a notable shift in Tomiris's tactics, name...

7.4AI score
Exploits0
Securelist
Securelist
added 2025/11/28 7:0 a.m.20 views

Tomiris wreaks Havoc: New tools and techniques of the APT group

While tracking the activities of the Tomiris threat actor, we identified new malicious operations that began in early 2025. These attacks targeted foreign ministries, intergovernmental organizations, and government entities, demonstrating a focus on high-value political and diplomatic...

8.5AI score
Exploits0
Securelist
Securelist
added 2023/04/27 10:0 a.m.44 views

APT trends report Q1 2023

For more than five years, the Global Research and Analysis Team GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat APT activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have publishe...

7.6AI score
Exploits0
hivepro
hivepro
added 2023/04/26 5:6 a.m.19 views

New Tomiris APT Group Targets Governments

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Tomiris is a Russian-speaking advanced persistent threat APT group that has been active since at least 2021 and is known for its use of sophisticated tactics and tools, including zero-day exploits and...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/24 2:0 p.m.3 views

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. "Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher an...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/24 2:0 p.m.29 views

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. "Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher an...

7.2AI score
Exploits0
Securelist
Securelist
added 2023/04/24 8:0 a.m.233 views

Tomiris called, they want their Turla malware back

Introduction We introduced Tomiris to the world in September 2021, following our investigation of a DNS-hijack against a government organization in the Commonwealth of Independent States CIS. Our initial report described links between a Tomiris Golang implant and SUNSHUTTLE which has been...

7.5CVSS9.1AI score0.99999EPSS
Exploits63
The Hacker News
The Hacker News
added 2021/09/30 7:40 a.m.36 views

New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack

Cybersecurity researchers on Wednesday disclosed a previously undocumented backdoor likely designed and developed by the Nobelium advanced persistent threat APT behind last year's SolarWinds supply chain attack, joining the threat actor's ever-expanding arsenal of hacking tools...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/29 2:45 p.m.27 views

‘Tomiris’ Backdoor Linked to SolarWinds Malware

Researchers have discovered a campaign delivering a previously unknown backdoor they’re calling Tomiris. Analysis of the new malware suggests that we may not have heard the last from the Nobelium advanced persistent threat APT behind the sprawling SolarWinds supply-chain attacks of 2020. Namely,...

6.8AI score
Exploits0References18
Rows per page
Query Builder