Tag: banking
-
FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials
Tags: banking, credentials, credit-card, cyber, cybersecurity, finance, india, login, malware, mobile, phishing, threatA new cybersecurity threat has emerged, targeting customers of a prominent Indian bank through fraudulent mobile applications. Dubbed >>FinStealer,
-
Top 5 ways attackers use generative AI to exploit your systems
Tags: access, ai, attack, authentication, awareness, banking, captcha, chatgpt, china, control, cyber, cybercrime, cybersecurity, defense, detection, exploit, extortion, finance, flaw, fraud, group, hacker, intelligence, LLM, malicious, malware, network, phishing, ransomware, resilience, service, spam, tactics, theft, threat, tool, vulnerability, zero-dayFacilitating malware development: Artificial intelligence can also be used to generate more sophisticated or at least less labour-intensive malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s…
-
Arvest Bank CISO on building a strong cybersecurity culture in banking
In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/11/mike-calvi-arvest-bank-banking-cybersecurity/
-
India’s banking on the bank.in domain cleaning up its financial services sector
With over 2,000 banks in operation, a domain only they can access has clear potential to make life harder for fraudsters First seen on theregister.com Jump to article: www.theregister.com/2025/02/10/india_bank_dotin_plan/
-
India wants all banking to happen at dedicated bank.in domain
With over 2,000 banks in operation, the potential to make life harder for fraudsters is obvious First seen on theregister.com Jump to article: www.theregister.com/2025/02/10/india_bank_dotin_plan/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 32
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malicious packages deepseeek and deepseekai published in Python Package Index Coyote Banking Trojan: A Stealthy Attack via LNK Files The Mac Malware of 2024 Take My Money: OCR Crypto Wallet Thieves on Google Play and App…
-
India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud
India’s central bank, the Reserve Bank of India (RBI), said it’s introducing an exclusive “bank.in” internet domain for banks in the country to combat digital financial fraud.”This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure financial services, thereby enhancing trust in digital banking and payment services,” the RBI…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
India to launch new domain name for banks to fight digital fraud
India’s central bank is introducing an exclusive >>.bank.in
-
Basket of Bank Trojans Defraud Citizens of East India
Cheap banking scams are often easier to pull off in a country with older devices, fewer regulations, and experienced fraudsters. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/bank-trojans-defraud-citizens-east-india
-
New Banking Attacking Users of Indian banks to Steal Aadhar, PAN, ATM Credit Card PINs
A sophisticated malware campaign, dubbed >>FatBoyPanel,
-
Mobile Malware Targeting Indian Banks Exposes 50,000 Users
Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mobile-malware-indian-banks/
-
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan.”This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector,” Seqrite Labs researcher Subhajeet Singha said in a technical report…
-
Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites
Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous…
-
The Stumbling Blocks of Open Banking
UK Banks Face Adoption Challenges and Cybersecurity Concerns. Despite its promise of innovation and cost efficiency, banks in the United Kingdom continue to struggle with the adoption of open banking. Consumer awareness, security concerns and a lack of incentives remain hurdles as stakeholders push for broader integration. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/stumbling-blocks-open-banking-a-27433
-
Coyote Malware Launches Stealthy Attack on Windows Systems via LNK Files
FortiGuard Labs has issued a high-severity alert regarding the Coyote Banking Trojan, a sophisticated malware targeting Microsoft Windows users. Over the past month, researchers have identified malicious LNK files employing PowerShell commands to execute scripts and connect to remote servers, initiating a multi-stage attack. The primary objective of this Trojan is to harvest sensitive information…
-
Coyote Banking Trojan: a Threat to Banking Institutions
Over the past month, cybersecurity experts at FortiGuard Labs have identified a series of malicious Windows Shortcut (LNK) files containing PowerShell commands. These files serve as the initial stage of a sophisticated cyberattack aimed at delivering the Coyote Banking Trojan,… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/coyote-banking-trojan-a-threat-to-banking-institutions/
-
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote.”Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials,” Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week.The First seen…
-
Banks must keep ahead of risks and reap AI rewards
AI has transformed banking across APAC. But is this transformation secure? First seen on theregister.com Jump to article: www.theregister.com/2025/01/21/banks_must_keep_ahead_of/
-
Open Banking Shortcomings Threaten UK Global Leadership Position Research Finds
APIContext has released its UK Open Banking API Performance 2023-2024 Report, the annual analysis of the performance of the open banking APIs exposed by the large CMA9 UK banks (the nine largest banks required by UK law to provide open banking services), traditional High Street banks, credit card providers, building societies, and new digital banks (neobanks).…
-
How AI and ML are transforming digital banking security
In this Help Net Security interview, Nuno Martins da Silveira Teodoro, VP of Group Cybersecurity at Solaris, discusses the latest advancements in digital banking security. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/14/nuno-martins-da-silveira-teodoro-solaris-ai-digital-banking-security/
-
The SBI fake banking app shows that SMS authentication has had its day
As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/10/sms-authentication-weakness/
-
US Treasury Department workstations breached in attack attributed to China
Tags: access, advisory, apt, attack, banking, ceo, china, cloud, cybersecurity, government, hacking, infrastructure, intelligence, microsoft, russia, saas, service, supply-chain, threat, update, vulnerabilityThe US Department of the Treasury revealed on Monday that an attacker was able to bypass security, access an undisclosed number of Treasury workstations, and steal “certain unclassified documents,” in what it called a “major cybersecurity incident”.In a letter to the US Senate’s Committee on Banking, Housing and Urban Affairs, the Treasury Department said that…
-
Treasury Department Hit by Major Cybersecurity Incident, China Suspected
The U.S. Department of the Treasury has disclosed a major cybersecurity incident, potentially compromising sensitive government information. In a letter to the Senate Committee on Banking, Housing, and Urban Affairs,... First seen on securityonline.info Jump to article: securityonline.info/treasury-department-hit-by-major-cybersecurity-incident-china-suspected/
-
IAM Predictions for 2025: Identity as the Linchpin of Business Resilience
Tags: access, ai, apple, attack, authentication, banking, breach, business, cloud, compliance, corporate, credentials, crime, data, deep-fake, detection, finance, iam, identity, malicious, microsoft, mobile, office, passkey, password, privacy, regulation, resilience, risk, service, supply-chain, theft, threat, tool, vulnerabilityIAM Predictions for 2025: Identity as the Linchpin of Business Resilience madhav Thu, 12/19/2024 – 05:33 As we look toward 2025, the lessons of 2024 serve as a stark reminder of the rapidly evolving identity and access management (IAM) landscape. The numbers tell the story: The latest Identity Theft Resource Center report indicates that consumers…
-
India Sees Surge in API Attacks, Especially in Banking, Utilities
The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/india-surge-api-attacks-banking-utilities
-
Key strategies to enhance cyber resilience
Tags: attack, awareness, backup, banking, breach, business, ceo, compliance, control, crowdstrike, cyber, cybersecurity, data, finance, government, group, healthcare, incident, incident response, infrastructure, insurance, metric, network, phishing, programming, ransom, ransomware, resilience, risk, security-incident, service, skills, software, strategy, supply-chain, technology, threat, training, update, vulnerability, windowsThe faulty CrowdStrike software update that triggered IT outages on a global scale in July was a sobering reminder of the importance of incident response and business continuity plans.The update caused more than eight million Windows devices to crash and take down with them airline reservation systems, hospital and government services, financial and banking applications…
-
Balancing security and user experience to improve fraud prevention strategies
In this Help Net Security interview, Jennifer White, Senior Director for Banking and Payments Intelligence at J.D. Power, discusses how financial institutions can improve … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/17/jennifer-white-j-d-power-fraud-protection/
-
Hackers seek ransom after getting SSNs, banking info from state gov’t portal
Rhode Island said it’s being extorted after hack of Deloitte-run benefits system. First seen on arstechnica.com Jump to article: arstechnica.com/tech-policy/2024/12/hackers-infiltrate-rhode-island-benefits-portal-forcing-state-to-shut-it-down/