Tag: banking
-
How FinServ Firms Can Navigate Secure Open Finance in 2025 and Beyond
Banks Must Secure APIs, Vet Partners and Prepare for Open Finance Threats in 2025 Open finance is revolutionizing banking, but it’s also expanding the attack surface. Discover the critical API, data privacy and third-party risks facing financial institutions in 2025 – and how to build a secure future. First seen on govinfosecurity.com Jump to article:…
-
Cybercriminals Attack Seychelles Offshore Banking as a Target
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cybercriminals-attack-seychelles-offshore-banking-as-a-target
-
Cybercriminals Attack Seychelles Offshore Banking as a Target
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cybercriminals-attack-seychelles-offshore-banking-as-a-target
-
Cyble Uncovers RedHook Android Trojan Targeting Vietnamese Users
Cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) have uncovered a new Android banking trojan called RedHook that is actively targeting Vietnamese mobile users. The malware is distributed via carefully crafted phishing sites impersonating trusted financial and government agencies. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/redhook-android-banking-trojan-exploiting/
-
Coyote malware is first-ever malware abusing Windows UI Automation
Tags: automation, banking, credentials, crypto, exploit, finance, framework, malware, microsoft, windowsNew Coyote malware uses Windows UI Automation to steal banking credentials, targeting Brazilian users across 75 banks and crypto platforms. Coyote malware is now the first to exploit Microsoft’s UI Automation framework in the wild, validating prior warnings from Akamai researchers in December 2024. The UI Automation (UIA) framework is a Microsoft accessibility framework that…
-
Breach Roundup: Suspected XSS Cybercrime Forum Admin Arrested
Also: Clorox Sues IT Vendor Over Password Blunder. This week, XSS forum admin arrested, Clorox sued Cognizant, Lumma Stealer is back, NY regulates water, U.S. maritime cybersecurity rules in effect, new Coyote banking Trojan, a hacker nabbed details of Mexico City auxiliary police, Latin America cyberattacks, and World Leaks stole synthetic data. First seen on…
-
Banking Trojan Coyote Abuses Windows UI Automation
It’s the first known instance of malware that abuses the UIA framework and has enabled dozens of attacks against banks and crypto exchanges in Brazil. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/banking-trojan-coyote-windows-ui-automation
-
Akamai Identifies Coyote Malware Variant Capable of Compromising Microsoft UIA Framework
Akamai researchers today disclosed they have discovered a variant of Coyote malware that extracts specific banking and cryptocurrency exchanges by compromising the UI Automation (UIA) framework developed by Microsoft. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/akamai-identifis-coyote-malware-variant-capable-of-compromising-microsoft-uia-framework/
-
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information.”The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges,” Akamai security researcher Tomer…
-
Clive Palmer’s Trumpet of Patriots and United Australia parties hit with data breach
Data potentially compromised by the June ransomware attack includes banking records, contact details and employment historyThe political parties run by Australian mining magnate Clive Palmer have been hit with a ransomware attack, with banking records, employment history and other personal information potentially compromised.The Trumpet of Patriots, which ran <a href=”https://www.theguardian.com/australia-news/2025/may/04/clive-palmers-trumpet-of-patriots-fails-to-pick-up-single-lower-house-seat-despite-text-spam-and-ad-blitz”>but did not secure any seats…
-
OLG-Urteil: S-PushTAN für Transaktions-Authentifizierung unzureichend
Das von Sparkasse beim Online-Banking eingesetzte S-PushTAN-Verfahren ist für die Absicherung von Transaktionen unzureichend. Das hat das OLG-Dresden in einem Urteil festgestellt und einem Phishing-Opfer, welches grob fahrlässig handelte, einen Teil-Schadensersatz zugesprochen. Das S-PushTAN-Verfahren der Sparkassen Das S-PushTAN-Verfahren wird beim … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/16/olg-urteil-s-pushtan-fuer-transaktions-authentifizierung-unzureichend/
-
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures
Browser hijacking and phishing risks: According to their research, the malicious code was embedded in each extension’s background service worker and used browser APIs to monitor tab activity. Captured data, including URLs and unique tracking IDs, was sent to attacker-controlled servers, which in turn provided redirect instructions.The setup enabled several attack scenarios, including redirection to…
-
Anatsa mobile malware returns to victimize North American bank customers
Android banking malware known as Anatsa was back for a brief but noticeable run in late June, researchers said. First seen on therecord.media Jump to article: therecord.media/anatsa-android-banking-malware-returns-north-america
-
New LogoKit Phishing Campaign Exploits Cloudflare Turnstile and Amazon S3 for Higher Success Rates
Cyble Research and Intelligence Labs (CRIL) recently discovered a very advanced phishing campaign that used the LogoKit phishing kit, which was initially discovered in 2021, to pose as reliable organizations such as Hungary’s Computer Emergency Response Team (HunCERT). This ongoing operation targets a diverse range of sectors, including banking and logistics, with a global reach…
-
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google’s official app marketplace.The malware, disguised as a “PDF Update” to a document viewer app, has been caught serving a deceptive overlay when users attempt to access their…
-
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-anatsa-infiltrates-google-play-to-target-us-banks/
-
IT Worker arrested for selling access in $100M PIX cyber heist
Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for allegedly aiding a cyberattack that stole over 540 million reais (~$100 million) via the PIX banking system. The company C&M links smaller banks to…
-
Malware Attacks on Android Devices Surge in Q2, Driven by Banking Trojans and Spyware
Dr.Web Security Space for mobile devices reported that malware activity on Android devices increased significantly in the second quarter of 2025. Adware trojans, particularly from the Android.HiddenAds family, remained the most prevalent threat, despite an 8.62% decrease in user encounters. These trojans often disguise themselves as harmless apps or hide within system directories, concealing their…
-
Qwizzserial Android Malware Masquerades as Legit Apps to Steal Banking Data and Intercept 2FA SMS
A new and alarming Android malware family, dubbed Qwizzserial, has emerged as a significant threat, particularly targeting users in Uzbekistan. Discovered by Group-IB in March 2024, this SMS stealer is designed to intercept two-factor authentication (2FA) codes and steal sensitive banking information, posing a severe risk to personal and financial security. Disguised as legitimate applications…
-
Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats
Dr.Web reports Android malware surge in Q2 with adware, banking trojans and crypto theft hidden in fake apps, firmware and spyware targeting users. First seen on hackread.com Jump to article: hackread.com/android-malware-adware-trojan-crypto-theft-q2-threats/
-
YONO SBI Banking App Vulnerability Exposes Users to Manthe-Middle Attack
A critical security flaw has been discovered in the widely used YONO SBI: Banking & Lifestyle app, potentially exposing millions of users to man-in-the-middle (MITM) attacks and putting sensitive financial data at risk. The vulnerability, catalogued as CVE-2025-45080, affects version 1.23.36 of the app, which is developed by the State Bank of India (SBI) and…
-
âš¡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more
Ever wonder what happens when attackers don’t break the rules”, they just follow them better than we do? When systems work exactly as they’re built to, but that “by design” behavior quietly opens the door to risk?This week brings stories that make you stop and rethink what’s truly under control. It’s not always about a…
-
Europe’s AI strategy: Smart caution or missed opportunity?
Europe is banking on AI to help solve its economic problems. Productivity is stalling, and tech adoption is slow. Global competitors, especially the U.S., are pulling ahead. A … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/30/europe-ai-adoption-strategy/
-
ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments
ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but now spreading worldwide. According to the ESET Threat Report H1 2025, the incidence of NFC-related attacks has skyrocketed, with telemetry data showing a staggering 35-fold increase in the first half of 2025 compared to the…
-
Bankers Association’s Attack on Cybersecurity Transparency
Tags: attack, awareness, banking, breach, ciso, control, cybersecurity, data, extortion, finance, group, incident response, infrastructure, insurance, law, malicious, ransomware, riskA coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made a disgraceful appeal to the SEC to eliminate the rule requiring public disclosure of material cybersecurity incidents within four days of detection. This rule was established to ensure shareholders are properly…
-
âš¡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent”, until they are. What if your environment is already being tested, just not in ways you expected?Some of the most dangerous moves are hidden in plain sight. It’s worth asking: what patterns are…
-
Godfather 2.0: Android-Malware nutzt Virtualisierung für Banking-Raubzüge in Echtzeit
Godfather 2.0 kapert Banking-Apps per Android-Virtualisierung. Neue Malware-Variante ermöglicht Echtzeit-Diebstahl trotz echter UI. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/godfather-2-0-android-malware-nutzt-virtualisierung-fuer-banking-raubzuege-in-echtzeit-316912.html
-
Godfather Android trojan uses virtualization to hijack banking and crypto apps
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s…