Tag: finance
-
Harvard, UPenn Data Leaked in ShinyHunters Shakedown
Leaked Financial and Admissions Data Includes Contact Details for ‘Top Donors’. Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group’s ongoing live phishing attacks that often attempt to trick IT help desks into giving attackers direct access to a victim’s network and…
-
Building a Zero-Trust Framework for Cloud Banking
Zero-trust architecture helps banks secure cloud environments, meet regulations, and scale innovation through identity-first security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/building-a-zero-trust-framework-for-cloud-banking/
-
Should I stay or should I go?
Tags: access, breach, business, ceo, cio, ciso, communications, compliance, cybersecurity, finance, fraud, insurance, jobs, network, risk, strategy, supply-chain, update, vulnerabilityRed flag: Cognitive disconnect: Lack of access to executives and the board comes up repeatedly in Cybersecurity Ventures reports as a top reason CISO’s decide to leave their jobs, according to Steve Morgan, founder of Cybersecurity Ventures. He cites lack of support as another top reason CISO’s leave.Splunk’s 2025 CISO report found 29% of respondents…
-
Auto finance fraud is costing dealers up to $20,000 per incident
Auto retailers see fraud as a regular part of selling and financing vehicles, something that shows up often enough to plan around, according to Experian. Income and identity … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/04/auto-dealers-finance-fraud-losses/
-
How does innovation in agentic AI impact financial security
Are You Leveraging Agentic AI for Enhanced Financial Security? Businesses across various sectors are increasingly relying on Agentic AI to bolster their financial security measures. But what exactly is Agentic AI, and why is it swiftly becoming an integral part of cybersecurity frameworks, especially in sectors like financial services, healthcare, and DevOps? The Rise of……
-
Chinese Money Laundering Jargon via Google’s Gemini
After having a short discussion with Gemini about Chinese Money Laundering, I could tell we weren’t quite connecting on my Mandarin-assistance requests, so I shared an example post from a Telegram “Crime-as-a-Service” group that was part of a Chinese Guarantee Syndicate. For context, these posts were made in the Tudou Guarantee Syndicate’s group dedicated to…
-
Step Finance says compromised execs’ devices led to $40M crypto theft
Step Finance announced that it lost $40 million worth of digital assets after hackers compromised devices belonging to the company’s team of executives. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/step-finance-says-compromised-execs-devices-led-to-40m-crypto-theft/
-
A 24% Success Rate for AI Agents – Is That Acceptable?
New Study Shows AI Agents Can’t Work Without Humans in the Loop, But Give Them Time AI agents are quickly moving from experimental demos to enterprise pilots, and they’re already being used for tasks such as financial analysis, document review and drafting. But as AI gains momentum, one question goes largely unanswered: How can we…
-
UK investigating first suspected breach of cyber sanctions
HM Treasury said the Office of Financial Sanctions Implementation (OFSI) has recorded up to five potential breaches of cyber sanctions, all involving firms in the financial services sector. First seen on therecord.media Jump to article: therecord.media/uk-investing-first-suspected-breach-cyber-sanctions
-
Banks on the hook for £173m in APP fraud reimbursement
Banks paid 88% losses claimed by customers that fell victim to authorised push payment fraud last year First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638616/Banks-on-the-hook-for-173m-in-APP-fraud-reimbursement
-
Outages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard.
Tags: access, ai, attack, breach, business, cloud, compliance, computing, container, control, csf, cyberattack, data, defense, detection, dora, encryption, finance, framework, government, nist, regulation, resilience, service, software, strategy, technologyOutages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard. madhav Tue, 02/03/2026 – 05:21 No company is spared the pain of outages. But their impact can be mitigated by how resilient you build your business architecture. And who you choose to partner with can significantly determine how effective that will be.…
-
When responsible disclosure becomes unpaid labor
Tags: ai, bug-bounty, ciso, cloud, compliance, control, credentials, cve, cvss, cybersecurity, data, email, exploit, finance, flaw, governance, healthcare, incident response, infrastructure, jobs, open-source, ransom, risk, security-incident, service, software, threat, tool, update, vulnerability, warfaresupposed to function and how it increasingly does in practice. Enter the gray zone of ethical disclosure: The result is a growing gray zone between ethical research and adversarial pressure. Based on years of reporting on disclosure disputes, that gray zone tends to emerge through a small set of recurring failure modes.Silent treatment and severity…
-
NDSS 2025 Alba: The Dawn Of Scalable Bridges For Blockchains
Session 11A: Blockchain Security 2 Authors, Creators & Presenters: Giulia Scaffino (TU Wien), Lukas Aumayr (TU Wien), Mahsa Bastankhah (Princeton University), Zeta Avarikioti (TU Wien), Matteo Maffei (TU Wien) PAPER Alba: The Dawn of Scalable Bridges for Blockchains Over the past decade, cryptocurrencies have garnered attention from academia and industry alike, fostering a diverse blockchain…
-
How impenetrable is secrets encryption in financial services
How Secure is Secrets Encryption in Financial Services? Have you ever wondered how financial services ensure the safety of critical information? The key lies in the sophisticated management of Non-Human Identities (NHIs) and the rigorous approach to secrets encryption. These elements are essential to safeguarding sensitive data from falling into the wrong hands. The Role……
-
NDSS 2025 Silence False Alarms
Tags: blockchain, china, conference, cyber, data, detection, finance, Internet, network, tool, vulnerabilitySession 11A: Blockchain Security 2 Authors, Creators & Presenters: Qiyang Song (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Heqing Huang (Institute of Information Engineering, Chinese Academy of Sciences), Xiaoqi Jia (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of…
-
NS&I’s IT car crash considers cutting legacy links to stop the bleeding
Tags: finance£1.3B over budget and four years late, bank searches for a way to not to bust new timetable and funding pot First seen on theregister.com Jump to article: www.theregister.com/2026/01/30/nsandi_latest/
-
Acumen Cyber Further Strengthens Board with Appointment of Derek Whigham
Acumen Cyber, an engineer powered cyber security service provider, has announced the appointment of Derek Whigham as Non Executive Director and Strategic Advisor, strengthening the company’s leadership team as it continues to scale across the UK. Derek is a globally recognised cyber security and technology leader with more than 28 years of experience across financial…
-
Hugging Face infra abused to spread Android RAT in a large-scale malware campaign
Abuse through smart hosting: Hugging Face is a go-to platform for developers hosting machine learning models, datasets, and tooling. According to Bitdefender, the resource is now being leveraged to mask malicious downloads amidst legitimate activity. While the platform uses ClamAV scanning on uploads, these controls currently fall short of filtering out cleverly disguised malware repositories,…
-
National Crime Agency and NatWest Issue Joint Warning Over Invoice Fraud Threat
Cyber fraudsters targeting corporate finance departments costs businesses millions a year First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nca-natwest-warning-over-invoice/
-
Measuring Agentic AI Posture: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
-
Roughly half of employees are using unsanctioned AI tools, and enterprise leaders are major culprits
51% have connected AI tools to work systems or apps without the approval or knowledge of IT;63% believe it’s acceptable to use AI when there is no corporate-approved option or IT oversight;60% say speed is worth the security risk;21% think employers will simply “turn a blind eye” as long as they’re getting their work done.And…
-
Hugging Face abused to spread thousands of Android malware variants
A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK payload that collects credentials for popular financial and payment services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hugging-face-abused-to-spread-thousands-of-android-malware-variants/
-
AI, Deepfakes Are Top Risks for Financial Crime Specialists
ACAMS Says Investigators Need Better Data, Architecture and AI-Based Detection. The financial system has a trust problem driven by artificial intelligence, and CIOs looking to prevent fraud and other financial crimes will only face more challenges as criminals find new ways to use AI to swindle, according to an Association of Certified Anti-Money Laundering Specialists…
-
Marquis blames ransomware breach on SonicWall cloud backup hack
Marquis Software Solutions, a Texas-based financial services provider, is blaming a ransomware attack that impacted its systems and affected dozens of U.S. banks and credit unions in August 2025 on a security breach reported by SonicWall a month later. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/marquis-blames-ransomware-breach-on-sonicwall-cloud-backup-hack/
-
The Agentic AI Posture Score: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers tell the Board how fast we react when things go wrong. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
-
EU’s answer to CVE solves dependency issue, adds fragmentation risks
Tags: access, ai, china, cisco, cve, cyber, cybersecurity, data, dos, exploit, finance, governance, grc, infrastructure, intelligence, international, nvd, open-source, risk, service, software, threat, tool, vulnerability, vulnerability-managementCoordinated disclosure: Nik Kale, principal engineer and product architect at Cisco Systems, says GCVE’s main challenge comes from building a platform that the security community can rely on for coordinated disclosure and remediation.”Viability depends far more on governance than on the data itself,” Kale says. “That includes clear attribution rules, transparent CNA processes, predictable decision-making,…