15 Oct 2020

FIN11 Spun Out From TA505 Umbrella as Distinct Attack Group

Researchers have declared that FIN11 now represents a separate threat actor group and has split off from the cybercrime group known as TA505. Although there are similarities in the techniques and identifying tactics of the two groups, researchers have determined that they are two distinct and separate operating entities with

Read More
12 Oct 2020

Critical Zerologon Flaw Exploited in TA505 Attacks

Microsoft has reported a new campaign utilizing the critical Zerologon vulnerability previously disclosed to the public. Just days after witnessing the nation-state hacking group Mercury was observed leveraging the flaw, the TA505 Russian speaking threat group known for the Dridex banking Trojan and Locky Ransomware has been using the same

Read More
13 Nov 2019

Mexican Oil Company Pemex Hit by Ransomware

Parts of the Petróleos Mexicanos (Pemex) oil company network were taken down after they suffered from a ransomware attack on Sunday. Although the attack was quickly neutralized and had a low quantitative impact on computers within the network, the attackers reportedly demanded a 565 BTC ($4.9 million) ransom, claiming they

Read More