×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 23 October 2020

October 23, 2020

A ruthless, ever-evolving cyber-threat group, “FIN11”, has been discovered deploying “Clop”: ransomware that encrypts and exfiltrates data. The newly identified, financially motivated group has been active since at least 2016, tirelessly upgrading its tactics, techniques, and procedures (TTPs) to achieve infection and evade detection. FIN11 shows technical sophistication and persistence, often re-infecting organizations after losing initial access. Analysis revealed many substantial similarities between FIN11 and “TA505”, another financially motivated group known to deploy Clop, although a connection between the two cannot be confirmed. FIN11 should be considered to pose a serious threat that will remain active and prevalent in 2020 and 2021.

Previous Post
Weekly: SandWorm Indicted by DOJ, Darkside Has A Soft Spot, and Ryuk's Super Speedy Attack!
Weekly: SandWorm Indicted by DOJ, Darkside Has A Soft Spot, and Ryuk's Super Speedy Attack!

ShadowTalk hosts Kacey, Alec, Austin, and Digital Shadows CISO Rick bring you the latest in threat intellig...

Next Post
Weekly: Sanctions from the DOT, Fancy Bear Targets the US Government, and Foreign Spies in Disguise!
Weekly: Sanctions from the DOT, Fancy Bear Targets the US Government, and Foreign Spies in Disguise!

ShadowTalk hosts Kacey, Alec, Charles and Digital Shadows CISO Rick bring you the latest in threat intellig...