Tag: finance
-
There’s no such thing as quantum incident response and that changes everything
Tags: apple, attack, china, compliance, computer, cryptography, data, dns, encryption, finance, group, healthcare, incident response, Internet, linkedin, nist, PCI, risk, serviceStep one: Inventory your algorithms and data with a view towards which sensitive data ought to be protected with PQC. This is a data classification exercise where you need to add a column to track whether the datastore or application qualifies for PQC.Step two: Check your internet-facing assets to see which, if any, are already…
-
Auction house Sotheby’s finds its data on the block after cyberattack
Alert says financial account information lifted from systems First seen on theregister.com Jump to article: www.theregister.com/2025/10/16/sothebys_breach/
-
There’s no such thing as quantum incident response and that changes everything
Tags: apple, attack, china, compliance, computer, cryptography, data, dns, encryption, finance, group, healthcare, incident response, Internet, linkedin, nist, PCI, risk, serviceStep one: Inventory your algorithms and data with a view towards which sensitive data ought to be protected with PQC. This is a data classification exercise where you need to add a column to track whether the datastore or application qualifies for PQC.Step two: Check your internet-facing assets to see which, if any, are already…
-
Auction house Sotheby’s finds its data on the block after cyberattack
Alert says financial account information lifted from systems First seen on theregister.com Jump to article: www.theregister.com/2025/10/16/sothebys_breach/
-
There’s no such thing as quantum incident response and that changes everything
Tags: apple, attack, china, compliance, computer, cryptography, data, dns, encryption, finance, group, healthcare, incident response, Internet, linkedin, nist, PCI, risk, serviceStep one: Inventory your algorithms and data with a view towards which sensitive data ought to be protected with PQC. This is a data classification exercise where you need to add a column to track whether the datastore or application qualifies for PQC.Step two: Check your internet-facing assets to see which, if any, are already…
-
Auction house Sotheby’s finds its data on the block after cyberattack
Alert says financial account information lifted from systems First seen on theregister.com Jump to article: www.theregister.com/2025/10/16/sothebys_breach/
-
New Phishing Technique Targets Users via Basic Auth URLs
Netcraft recently uncovered a suspicious URL targeting GMO Aozora Bank, a Japanese financial institution. The URL leveraged a legacy web technique”, Basic Authentication URL formatting”, to visually impersonate the bank and deceive customers. This discovery prompted a broader review of phishing activity that still relies on this old but effective technique, exposing how threat actors…
-
New Phishing Technique Targets Users via Basic Auth URLs
Netcraft recently uncovered a suspicious URL targeting GMO Aozora Bank, a Japanese financial institution. The URL leveraged a legacy web technique”, Basic Authentication URL formatting”, to visually impersonate the bank and deceive customers. This discovery prompted a broader review of phishing activity that still relies on this old but effective technique, exposing how threat actors…
-
Panne bei Paypal-Partner: Versehentlich 300 Billionen USD in Krypto-Coins erzeugt
Kleiner Fehler, große Wirkung: Ein Paypal-Partner hat durch einen Fehler fast die dreifache Menge des globalen BIP in PYUSD-Stablecoins generiert. First seen on golem.de Jump to article: www.golem.de/news/panne-bei-paypal-partner-versehentlich-300-billionen-usd-in-krypto-coins-erzeugt-2510-201222.html
-
Seceon for Finance: Safeguarding the Digital Economy
In today’s hyper-connected economy, financial institutions operate across cloud systems, digital payment networks, and third-party integrations, forming the nerve center of global commerce. But with this connectivity comes unprecedented exposure to cyber risk. From ransomware and insider threats to compliance violations, financial organizations face an expanding threat landscape where a single breach can cost First…
-
The Human Cost of Cyber Risk: How Exposure Management Can Ease Security Burnout
Tags: ai, attack, breach, business, ceo, ciso, cloud, cve, cyber, cybersecurity, data, data-breach, defense, finance, fraud, healthcare, identity, mitre, ransomware, risk, strategy, technology, threat, tool, vulnerability, vulnerability-managementThe true cost of cyber risk is a human one. Siloed tools and disjointed operations aren’t just endangering your business, they’re also taking a real toll on your teams. It’s long past time to take the friction out of cybersecurity with a unified, proactive approach. Key takeaways: Security teams are overwhelmed by the number of…
-
The Human Cost of Cyber Risk: How Exposure Management Can Ease Security Burnout
Tags: ai, attack, breach, business, ceo, ciso, cloud, cve, cyber, cybersecurity, data, data-breach, defense, finance, fraud, healthcare, identity, mitre, ransomware, risk, strategy, technology, threat, tool, vulnerability, vulnerability-managementThe true cost of cyber risk is a human one. Siloed tools and disjointed operations aren’t just endangering your business, they’re also taking a real toll on your teams. It’s long past time to take the friction out of cybersecurity with a unified, proactive approach. Key takeaways: Security teams are overwhelmed by the number of…
-
The Compliance Automation Revolution 2025
In 2025, compliance is no longer a box-ticking exercise, it’s a strategic business imperative. With new regulations like the EU’s NIS2 Directive, DORA for financial services, CMMC 2.0 for U.S. defense, and the Australian Privacy Act 2024, enterprises face tougher obligations, faster reporting timelines, and penalties reaching into the tens of millions. Yet most First…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
Visa Puts Autonomous Commerce at the Core of Payments
The Payments Giant Is Creating Digital Rails for Secure, AI-Driven Commerce. Visa is doubling down on both B2C and B2B agentic AI use cases. Early experiments focus on automating repetitive, trust-sensitive financial tasks, but the company is rapidly expanding into more sophisticated scenarios, positioning itself at the center of the next major shift in global…
-
Beyond the checklist: Building adaptive GRC frameworks for agentic AI
Tags: access, ai, breach, ciso, cloud, compliance, control, crime, data, detection, endpoint, finance, framework, fraud, governance, grc, international, metric, monitoring, nist, risk, risk-management, strategy, supply-chain, switchAutonomous agent drift First, I experienced an autonomous agent drift that nearly caused a severe financial and reputational crisis. We deployed a sophisticated agent tasked with optimizing our cloud spending and resource allocation across three regions, giving it a high degree of autonomy. Its original mandate was clear, but after three weeks of self-learning and…
-
13 cybersecurity myths organizations need to stop believing
Tags: access, ai, attack, authentication, backup, banking, breach, business, ceo, compliance, computer, computing, corporate, credentials, cyber, cybersecurity, data, data-breach, deep-fake, defense, encryption, finance, government, group, identity, incident response, infrastructure, jobs, law, malicious, mfa, monitoring, network, nist, openai, passkey, password, phishing, privacy, regulation, risk, service, skills, strategy, technology, theft, threat, tool, vulnerabilityBig tech platforms have strong verification that prevents impersonation: Some of the largest tech platforms like to talk about their strong identity checks as a way to stop impersonation. But looking good on paper is one thing, and holding up to the promise in the real world is another.”The truth is that even advanced verification…
-
Unsupported OpenJDK in Financial Systems: Hidden Risks
Summary Financial institutions using Java can remain compliant with the EU’s DORA security framework with a secure, supported and stable Java platform. For this reason, all the world’s top 10 trading companies and six of the top 10 U.S. financial firms have switched to Azul. In this post you will learn: The EU’s Digital Operational Resilience Act (DORA) is a……
-
Police Bust GXC Team, One of the Most Active Cybercrime Networks
Spanish Guardia Civil and Group-IB arrest ‘GoogleXcoder,’ the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil. First seen on hackread.com Jump to article: hackread.com/police-bust-gxc-team-cybercrime-networks/
-
Police Bust GXC Team, One of the Most Active Cybercrime Networks
Spanish Guardia Civil and Group-IB arrest ‘GoogleXcoder,’ the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil. First seen on hackread.com Jump to article: hackread.com/police-bust-gxc-team-cybercrime-networks/
-
Vom CISO zum Chief Risk Architect
Tags: ai, business, ceo, ciso, cyber, cyberattack, cyersecurity, dora, finance, firewall, germany, incident response, nis-2, resilience, risk, risk-assessment, risk-management, supply-chain, technology, update, vulnerabilityDer moderne CISO wird zum Chief Risk Architect.Jahrelang waren CISOs im Maschinenraum der IT tätig und konzentrierten sich auf die Einhaltung von Vorschriften, die Verwaltung von Firewalls, Patching und die Reaktion auf Vorfälle. Ihr Hauptziel war es, einen Cyberangriff zu verhindern und die Sicherheit aufrechtzuerhalten. Doch dieses Modell wird der Komplexität moderner Bedrohungen nicht mehr…
-
Sovereign Data, Sovereign Access: Introducing Modern FIDO Authentication for SAS PCE
Sovereign Data, Sovereign Access: Introducing Modern FIDO Authentication for SAS PCE andrew.gertz@t“¦ Mon, 10/13/2025 – 14:53 Discover how Thales empowers enterprises with sovereign access through FIDO authentication in SAS PCE”, ensuring secure, phishing-resistant identity control for hybrid environments. Identity & Access Management Access Control Guido Gerrits – Field Channel Director, EMEA More About This Author…
-
Financial, Other Industries Urged to Prepare for Quantum Computers
Despite daunting technical challenges, a quantum computer capable of breaking public-key encryption systems may only be a decade or two off. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/financial-industries-urged-prepare-quantum-computers
-
AI red flags, ethics boards and the real threat of AGI today
Tags: ai, computer, control, data-breach, disinformation, finance, government, intelligence, risk, risk-management, threatQ: Should every large enterprise have an AI ethics board, and what should its remit include?: Paul Dongha: “When it comes to the executives and decision-makers of large corporations, I think there are a few things here.”Firstly, I believe an ethics board is absolutely mandatory. It should be comprised of senior executives drawn from a…
-
AI red flags, ethics boards and the real threat of AGI today
Tags: ai, computer, control, data-breach, disinformation, finance, government, intelligence, risk, risk-management, threatQ: Should every large enterprise have an AI ethics board, and what should its remit include?: Paul Dongha: “When it comes to the executives and decision-makers of large corporations, I think there are a few things here.”Firstly, I believe an ethics board is absolutely mandatory. It should be comprised of senior executives drawn from a…
-
Invoicely Database Leak Exposes 180,000 Sensitive Records
Cybersecurity researcher Jeremiah Fowler discovered nearly 180,000 files, including PII and banking details, left exposed on an unprotected database linked to the Invoicely platform. Read about the identity theft and financial fraud risks for over 250,000 businesses worldwide. First seen on hackread.com Jump to article: hackread.com/invoicely-database-leak-expose-sensitive-records/
-
Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder
Tags: ai, banking, credentials, cyber, cybercrime, finance, government, group, law, network, phishing, theftSpanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain. Cybercriminals Target Banks and Government Agencies Since 2023, Spain faced a surge in sophisticated phishing campaigns. Criminal groups impersonated major banks and…
-
Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder
Tags: ai, banking, credentials, cyber, cybercrime, finance, government, group, law, network, phishing, theftSpanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain. Cybercriminals Target Banks and Government Agencies Since 2023, Spain faced a surge in sophisticated phishing campaigns. Criminal groups impersonated major banks and…
-
CIO100 and CSO30 ASEAN 2025 Team Awards Finalists: Celebrating Technology and Cybersecurity Excellence Across the Southeast Asia region
About CIO100 and CSO30 ASEAN AwardsThe CIO100 and CSO30 ASEAN Awards are flagship programs by Foundry’s CIO and CSO brands, recognizing technology leadership excellence across the region. These prestigious awards celebrate individuals and teams who demonstrate innovation, measurable business value, and transformative impact in their organizations and industries.Estelle QuekEditorial Director, CIO and CSO ASEAN