Tag: finance
-
Vietnamese Digital Spies Look for Domestic Targets
Eset Says Threat Actor Redirected Efforts From Foreign Operations. Eset linked OceanLotus, also known as APT32, to a supply-chain attack on Vietnam’s FireAnt financial platform and a prolonged intrusion into a transport infrastructure company, suggesting the state-aligned threat actor is increasingly focused on gathering intelligence from domestic targets. First seen on govinfosecurity.com Jump to article:…
-
ShinyHunters Leak 40GB of University of Nottingham Student Data
ShinyHunters hackers leak 40GB of University of Nottingham personal and financial data, allegedly impacting 450,000 students and staff records. First seen on hackread.com Jump to article: hackread.com/shinyhunters-university-of-nottingham-student-data-leak/
-
Cyber resilience and female leadership: The new pillars of Middle East banking security
As banks accelerate digital services, open banking strategies and AI adoption, cyber security leaders across the region are calling for stronger resilience, ecosystem collaboration and greater female representation to secure the future of financial services First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644042/Cyber-resilience-and-female-leadership-The-new-pillars-of-Middle-East-banking-security
-
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
North Korea’s gross domestic product (GDP) has grown, in part because of the cybercrime gains of groups linked to the nation, which target business and financial firms. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-korean-threat-groups-asia-pacific-success
-
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort.But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to First…
-
North Korea Hackers Weaponize GitHub to Target Developers
A sustained phishing campaign that leverages developer recruitment and code-review lures to deliver cross”‘platform malware via attacker-controlled GitHub repositories. Tracked as UNK_DeadDrop and attributed with high confidence to a North Korea”‘aligned actor, the operation targeted nearly 100 organizations across finance, cryptocurrency, education and technology by sending more than 250 tailored emails over six weeks. The…
-
UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Threat Intelligence Group published a detailed report documenting an active extortion campaign carried out by the cybercrime group UNC3753 (aka Luna Moth, Chatty Spider, and…
-
The new risk equation: Why endpoint security is a financial imperative
Cyber risk is financial risk; endpoint security in financial services is a business imperative. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/spons/the-new-risk-equation-why-endpoint-security-is-a-financial-imperative/821449/
-
The new risk equation: Why endpoint security is a financial imperative
Cyber risk is financial risk; endpoint security in financial services is a business imperative. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/spons/the-new-risk-equation-why-endpoint-security-is-a-financial-imperative/821449/
-
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026.The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also…
-
Report: Anthropic Deploys Engineers to Support NSA Use of Mythos
Reports claim Anthropic engineers are helping the NSA use its restricted AI model Mythos, known for advanced cybersecurity capabilities. This week, the Financial Times reported that Anthropic has placed approximately six >>forward-deployed<< engineers inside the National Security Agency to help the intelligence agency use Mythos, its most capable cyber model, for offensive operations. Two people…
-
UNC3753 Targets US Law Firms with Vishing, RMM Tools, and Physical Break-Ins
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United States. According to Mandiant’s Google Threat Intelligence Group (GTIG), this financially motivated campaign leverages a highly effective combination of voice phishing, remote monitoring and management abuse, and unprecedented physical office intrusions. Attackers…
-
FTC considers setting aside or modifying $150 million privacy penalty against X
Twitter, renamed X in 2023, filed a petition saying that the settlement terms are unfair because the order was issued against a company that “no longer exists,” the workers responsible for the scheme no longer work for X and the firm has since established a “world class” privacy and data protection program. First seen on…
-
IronWorm npm Attack Steals Developer Secrets
Tags: attack, credentials, crypto, cyber, data-breach, finance, malicious, software, supply-chain, wormA newly uncovered supply chain attack dubbed “IronWorm” is leveraging malicious npm packages to compromise developer environments, steal sensitive credentials, and propagate itself across repositories in a worm-like fashion. The campaign, identified in the wild, targets software developers with a particular focus on crypto and Web3 ecosystems, where exposed secrets can yield immediate financial value.…
-
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan’s porous cybersecurity. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/pakistan-spies-afghan-finance-ministry-xeno-rat
-
Musk’s X Asks US FTC to Nullify Data Security Order
Social Media Platform Files Petition With Agency Over May 2022 Consent Order. Elon Musk’s social media company wants a do-over with the U.S. Federal Trade Commission in a petition arguing the agency should terminate data security oversight 16 years early. The FTC began Tuesday a public comment period for X’s request to set aside or…
-
What 345 Days of Untested Exposure Looks Like at a Bank
A two-week penetration test can leave roughly 345 days of real-world exposure unvalidated. Sprocket Security explores why continuous testing is becoming critical as attack surfaces constantly change. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/what-345-days-of-untested-exposure-looks-like-at-a-bank/
-
Global Stock Exchange Hit by Monthslong Email Campaign
A threat actor got a near-continuous view into an influential finance executive’s email inbox, thanks to clever use of legitimate, native Windows tools. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/global-stock-exchange-hit-monthslong-email-campaign
-
Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Say
Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/execs-cisos-must-treat-cyber/
-
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, is targeting high-value organizations in the financial and cryptocurrency sectors. The operation focuses on venture capital firms, Web3 developers, and crypto platforms, highlighting a continued shift in North Korean cyber operations toward financially…
-
SideCopy group targets Afghanistan’s Ministry of Finance with Xeno RAT
First seen on scworld.com Jump to article: www.scworld.com/brief/sidecopy-group-targets-afghanistans-ministry-of-finance-with-xeno-rat
-
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT.”The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,” First seen on…
-
Afghan finance officials targeted by suspected Pakistani cyberespionage campaign
A suspected Pakistan-linked hacking group has targeted Afghanistan’s Ministry of Finance and provincial government officials in a new cyberespionage campaign, researchers have found. First seen on therecord.media Jump to article: therecord.media/afghan-officials-targeted-by-sidecopy
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technologyA new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technologyA new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technologyA new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technologyA new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
Beschlagnahmung von Worktitans-Servern beeinträchtigt Irans Cyberoperationen
Ende Mai haben niederländische Ermittler der Financial Crime investigation of Netherlands (FIOD) in Rechenzentren bei Dronten und Schiphol-Rijk rund 800 Server beschlagnahmt. Das Ziel war der Hosting-Anbieter Worktitans B.V., der auf den ersten Blick wie jedes andere Unternehmen für Internetinfrastruktur aussah. Was die Ermittler jedoch aufdeckten, war weitaus bedeutender: eine Operation, die auf sanktionierter Infrastruktur…
-
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026.The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and Carbon…
-
Lazarus APT unveils fileless remote access Trojan designed to evade detection
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…

