Finance

TA505 Modifies Techniques to Deploy Malware, Targets More Countries

27 August - 3 September 2019

Russian-speaking threat group TA505 has launched nine campaigns since July
Cyber_News_Finance

Russian-speaking threat group TA505 has launched nine campaigns since July against financial and education institutions in Turkey, Serbia, Romania, Korea, Canada, Czech Republic, and Hungary. In these campaigns, the group is observed to be adopting new techniques such as using ISO image attachments to distribute a new version of ServHelper backdoor and a DLL variant of FlawedAmmyy RAT. TA505 cybercriminal group is expected to devise new delivery methods to evade detection when distributing malware to its target organisations.

 

References:

TA505 At It Again: Variety is the Spice of ServHelper and FlawedAmmyy

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Solutioning

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence