The ncsc.gov.uk advisory urge UK citizen and business enterprise staying alert for Turla group malware. The similar of alert announced 2 months ago. Per alert subject provided by NCSC the malware changed it shape already. But the attack target remain unchanged, the malware target Microsoft products especially Exchange mail server and IIS web server. Perhaps this incident contains the similarity of APT attack. As said I can’t predict who is the perpetrator. Let’s me echo my observation which posted 2 months ago. The most famous tools (rootkit) “snake” was designed by this group. Since “snake” implemented few years. Therefore a new tools (Nautilus and Neuron) has been deployed to replacing the “snake” position. Meanwhile the target will be focus on both client (endpoint) and server. Read the technical articles is a burden to IT guy since many cyber attacks in frequent. The quick and dirty way to provide a shortest path to IT guy is a key term. What to do, right. Yes, below free of charge scan tool provided by Microsoft will help you in this regard (refer below url for reference).
Should you have interest of this incident. Please find the details in below url: