Tag: finance
-
Hackers Exploit Microsoft Employee Accounts in Salary Theft Scheme
Tags: attack, authentication, credentials, cyber, exploit, finance, hacker, intelligence, microsoft, phishing, theft, threatMicrosoft Threat Intelligence is sounding the alarm on a surge of sophisticated “payroll pirate” attacks, in which financially motivated adversaries hijack employee accounts to reroute salary payments to attacker-controlled bank accounts. In the first half of 2025, Storm-2657 launched a widespread phishing campaign against university staff, harvesting credentials and multifactor authentication (MFA) codes. Attackers deployed…
-
Hackers Exploit Microsoft Employee Accounts in Salary Theft Scheme
Tags: attack, authentication, credentials, cyber, exploit, finance, hacker, intelligence, microsoft, phishing, theft, threatMicrosoft Threat Intelligence is sounding the alarm on a surge of sophisticated “payroll pirate” attacks, in which financially motivated adversaries hijack employee accounts to reroute salary payments to attacker-controlled bank accounts. In the first half of 2025, Storm-2657 launched a widespread phishing campaign against university staff, harvesting credentials and multifactor authentication (MFA) codes. Attackers deployed…
-
Bank of England smells hint of dotcom bubble 2.0 in AI froth
UK central bank warns of ‘sudden correction’ in tech stocks First seen on theregister.com Jump to article: www.theregister.com/2025/10/08/boe_dotcom_bubble_ai/
-
Risk mitigation budgets swell as enterprise AI adoption grows
Governing AI comes at a cost, with most organizations increasing oversight investments in the next financial year, according to OneTrust data. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/AI-risk-mitigation-governance-oversight-data/802320/
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
The ultimate business resiliency test: Inside Kantsu’s ransomware response
set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
-
The ultimate business resiliency test: Inside Kantsu’s ransomware response
set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
-
The ultimate business resiliency test: Inside Kantsu’s ransomware response
set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
-
The Evolution of Chaos: Ransomware’s New Era of Speed and Intelligence
In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. This marks the first time Chaos has departed from its traditional .NET foundation, introducing destructive extortion tactics and cryptocurrency theft capabilities that significantly amplify both operational impact and financial risk…
-
Salesforce AI agents set to assist enterprises with security and compliance
Tags: access, ai, cisco, cloud, compliance, crowdstrike, data, detection, finance, google, ibm, marketplace, strategy, threat, tool, vulnerabilitySalesforce Agentforce: Agentforce is a relatively new platform but has already evolved at an extremely rapid pace. It was first unveiled in September 2024, became generally available the following month, added testing and agent lifecycle management tools in November, announced integration with Slack and other platforms in December, added autonomous agents that can take action…
-
Salesforce AI agents set to assist enterprises with security and compliance
Tags: access, ai, cisco, cloud, compliance, crowdstrike, data, detection, finance, google, ibm, marketplace, strategy, threat, tool, vulnerabilitySalesforce Agentforce: Agentforce is a relatively new platform but has already evolved at an extremely rapid pace. It was first unveiled in September 2024, became generally available the following month, added testing and agent lifecycle management tools in November, announced integration with Slack and other platforms in December, added autonomous agents that can take action…
-
Salesforce AI agents set to assist enterprises with security and compliance
Tags: access, ai, cisco, cloud, compliance, crowdstrike, data, detection, finance, google, ibm, marketplace, strategy, threat, tool, vulnerabilitySalesforce Agentforce: Agentforce is a relatively new platform but has already evolved at an extremely rapid pace. It was first unveiled in September 2024, became generally available the following month, added testing and agent lifecycle management tools in November, announced integration with Slack and other platforms in December, added autonomous agents that can take action…
-
Stablecoins: The New Currency of Online Criminals
Dollar-Pegged Tokens Trade Volatility for Convenience But Are Easier to Track. Fraudsters are routing more proceeds through stablecoins tied to U.S. dollars for liquidity. Forensics teams are gaining more visibility from issuer controls, but banks and regulators face a fast, interoperable ecosystem that needs better monitoring and coordinated enforcement. First seen on govinfosecurity.com Jump to…
-
Nearly a year after attack, US medical scanning biz gets clear image of stolen patient data
No fraud monitoring and no apology after miscreants make off with medical, financial data First seen on theregister.com Jump to article: www.theregister.com/2025/10/07/10_months_later_us_medical/
-
Qilin Claims Ransomware Attack on Mecklenburg Schools
The Qilin ransomware gang has claimed attacks at Mecklenburg County Public Schools, stealing financial records and childrens’ medical files First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/qilin-ransomware-mecklenburg/
-
Jaguar Land Rover to restart production following cyberattack
After halting global production last month, Jaguar Land Rover says it will restart operations and provide financial support to some of its suppliers. First seen on therecord.media Jump to article: therecord.media/jaguar-land-rover-restarting-production-after-cyberattack
-
Jaguar Land Rover to restart production following cyberattack
After halting global production last month, Jaguar Land Rover says it will restart operations and provide financial support to some of its suppliers. First seen on therecord.media Jump to article: therecord.media/jaguar-land-rover-restarting-production-after-cyberattack
-
Discord Reveals Data Breach Following Third-Party Compromise
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/discord-data-breach-third-party/
-
Discord Reveals Data Breach Following Third-Party Compromise
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/discord-data-breach-third-party/
-
Staying Ahead with Proactive NHI Security
How Do Non-Human Identities Impact Cybersecurity? With organizations increasingly adopt sophisticated technologies, the importance of securing Non-Human Identities (NHIs) grows ever more critical. But how can businesses ensure the safety of these machine identities? Understanding and managing these identities can provide considerable security leverage across various sectors, including financial services, healthcare, and more. Understanding Non-Human……
-
Are Your NHIs Capable Enough for New Threats?
Are Your Cybersecurity Measures Equipped to Handle the Unique Challenges of Non-Human Identities? Where cybersecurity threats evolve by the minute, are your cybersecurity measures truly robust enough to handle the increasing complexity of Non-Human Identities (NHIs)? The advent of cloud environments has redefined how organizations across financial services, healthcare, DevOps, and other industries manage their……
-
Strategies for Financial Services to Reduce Average Breach Costs of $6 Million
The financial services industry stands at a critical crossroads.As cyber threats grow smarter and more relentless, banks, insurers, and investment firms face rising breach costs, averaging over $6 million per incident. These attacks don’t just hurt the bottom line, they erode customer trust, brand reputation, and regulatory compliance. For More Information: info.seceon.com/strategies-for-financial-services-to-reduce-average-breach-costs In First seen…
-
From Months to Minutes: How Seceon’s Unified Platform Saves Education $300K+ Annually
The education sector has transformed rapidly, digital classrooms, cloud-based research, and connected campuses are now the norm. But with innovation comes risk. Schools and universities store highly sensitive data, from student records and health info to financial aid details and research IP, making them a prime target for cybercriminals. With tight budgets, First seen on…
-
From Months to Minutes: How Seceon’s Unified Platform Saves Education $300K+ Annually
The education sector has transformed rapidly, digital classrooms, cloud-based research, and connected campuses are now the norm. But with innovation comes risk. Schools and universities store highly sensitive data, from student records and health info to financial aid details and research IP, making them a prime target for cybercriminals. With tight budgets, First seen on…
-
Strategies for Financial Services to Reduce Average Breach Costs of $6 Million
The financial services industry stands at a critical crossroads.As cyber threats grow smarter and more relentless, banks, insurers, and investment firms face rising breach costs, averaging over $6 million per incident. These attacks don’t just hurt the bottom line, they erode customer trust, brand reputation, and regulatory compliance. For More Information: info.seceon.com/strategies-for-financial-services-to-reduce-average-breach-costs In First seen…
-
New malware leverages WhatsApp to target Brazilian government and businesses
Brazilian WhatsApp users should be aware of malware that hijacks contact lists to spread itself and potentially serve as a gateway for other malicious code that targets financial information, researchers said. First seen on therecord.media Jump to article: therecord.media/brazil-malware-whatsapp-sorvepotel
-
Self-Propagating Malware Hits WhatsApp Users in Brazil
The enterprise-focused Water Saci campaign spreads Sorvepotel, which can steal credentials and monitor browser activity to defraud financial institutions in the region. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/self-propagating-malware-hits-whatsapp-users-brazil
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…