FIN8 Returns with New Sardonic Backdoor
The financially motivated FIN8 group attempted to compromise the network of a U.S. financial organization using new malware called Sardonic. Sardonic can establish persistence on the infected machine, collect system information, execute arbitrary commands, and load and execute additional plugins; the results are sent to a remote server controlled by the attackers. Organizations are advised to separate the PoS systems used by employees and to educate employees about the same.