Tag: finance
-
FTC upholds ban on stalkerware founder Scott Zuckerman
Tags: financeZuckerman, who used to run the stalkerware apps SpyFone and SpyTrac, claimed the ban is hurting his unrelated business. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/08/ftc-upholds-ban-on-stalkerware-founder-scott-zuckerman/
-
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
A new report by the Financial Crimes Enforcement Network (FinCEN) shows that ransomware activity peaked in 2023 before falling in 2024, following a series of law enforcement actions targeting the ALPHV/BlackCat and LockBit ransomware gangs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fincen-says-ransomware-gangs-extorted-over-21b-from-2022-to-2024/
-
US Treasury Tracks $4.5B in Ransom Payments since 2013
The US Treasury’s Financial Crimes Enforcement Network shared data showing how dramatically ransomware attacks have changed over time. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/us-treasury-45b-ransom-payments-2013
-
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) released a study last week covering 4,194 ransomware incidents that were reported through the Bank Secrecy Act over the three-year period. First seen on therecord.media Jump to article: therecord.media/fincen-treasury-2-billion-ransomware-payments-report
-
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) released a study last week covering 4,194 ransomware incidents that were reported through the Bank Secrecy Act over the three-year period. First seen on therecord.media Jump to article: therecord.media/fincen-treasury-2-billion-ransomware-payments-report
-
Russian police bust bank-account hacking gang that used NFCGate-based malware
Russian police said they took down a multimillion-dollar cybercrime operation that used malware based on a legitimate software tool to take over individuals’ bank accounts. First seen on therecord.media Jump to article: therecord.media/russian-police-bust-banking-hackers-nfcgate-based-malware
-
US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains
Global cybercrime is accelerating toward a projected cost of 15.63 trillion dollars by 2029, up from an estimated 10.5 trillion dollars today, as criminals exploit new technologies faster than businesses can defend against them. Yet 59% of organisations say they suffered at least one successful cyber attack in the past 12 months, and one in…
-
Hardening browser security with zero-trust controls
Tags: access, api, authentication, automation, browser, chrome, cisa, cloud, compliance, container, control, corporate, credentials, crowdstrike, data, data-breach, detection, edr, email, encryption, endpoint, exploit, fido, finance, framework, google, governance, group, Hardware, identity, kubernetes, least-privilege, login, malicious, malware, mfa, microsoft, network, nist, okta, passkey, password, phishing, phone, risk, risk-assessment, sap, service, soar, theft, threat, tool, update, wifi, windows, zero-trust1. Identity-first access control Network proximity is now an inferior trust signal. Only federated, cryptographically verifiable identity tokens issued by centralized enterprise IdPs using OIDC or SAML are permitted as gates to corporate resources. This transition, well-documented by FIDO Alliance and Microsoft research, transfers the very concept of “inside” the organization from the network to…
-
Der verborgene Cyber-Krieg hinter der nachhaltigen Finanzwirtschaft
Am Internationalen Tag der Banken werden sich die meisten Diskussionen um Zinssätze, Wirtschaftspolitik und die globale Kreditvergabe drehen. Doch diese Diskussionen lassen den wichtigsten Punkt für 2025 und darüber hinaus außer Acht: Wenn eine Bank ihr digitales Umfeld nicht verteidigt, dann kann sie die Zukunft nicht finanzieren. Die Vereinten Nationen haben diesen Tag eingeführt, um…
-
Der verborgene Cyber-Krieg hinter der nachhaltigen Finanzwirtschaft
Am Internationalen Tag der Banken werden sich die meisten Diskussionen um Zinssätze, Wirtschaftspolitik und die globale Kreditvergabe drehen. Doch diese Diskussionen lassen den wichtigsten Punkt für 2025 und darüber hinaus außer Acht: Wenn eine Bank ihr digitales Umfeld nicht verteidigt, dann kann sie die Zukunft nicht finanzieren. Die Vereinten Nationen haben diesen Tag eingeführt, um…
-
Breach Roundup: React Flaw Incites Supply Chain Risk
Also, Microsoft Badly Patches LNK Flaw, Australian Sentenced for ‘Evil Twin’ Hack. This week, the React flaw, a belated Windows fix, Defense Secretary Pete Hegseth’s Signal group posed operational risk, more North Korean npm packages. An Australian jailed for Wi-Fi evil twin crimes. The US FTC will send $15.3 million to Avast users. A London…
-
Marquis data breach impacted more than 780,000 individuals
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financial data, including names, addresses, SSNs, and card numbers, impacting over 780,000 people. Marquis is a Texas-based fintech and software firm that provides data-driven marketing, customer data platforms, analytics,…
-
From feeds to flows: Using a unified linkage model to operationalize threat intelligence
Tags: access, api, attack, authentication, automation, business, ciso, cloud, compliance, container, control, corporate, credentials, cyber, cybersecurity, data, defense, exploit, finance, firewall, framework, github, government, iam, identity, infrastructure, intelligence, ISO-27001, malicious, metric, mitre, monitoring, network, nist, open-source, phishing, risk, risk-assessment, risk-management, saas, service, siem, soc, software, supply-chain, tactics, threat, tool, update, vulnerability, zero-trustwhat to watch for, but not why it matters or how it moves through your environment.The result is a paradox of abundance: CISOs have more data than ever before, but less operational clarity. Analysts are overwhelmed by indicators disconnected from context or mission relevance.Each feed represents a snapshot of a potential threat, but it does…
-
Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
Cleafy analysis reveals Albiriox, a new Android Malware-as-a-Service (MaaS) RAT that targets over 400 global banking and crypto apps. Learn how ODF fraud enables full device takeover. First seen on hackread.com Jump to article: hackread.com/albiriox-android-malware-targets-banks-crypto/
-
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts”, and 15 More Stories
Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, companies, and governments are all locked in a nonstop race to outsmart each other.Here’s a quick rundown of the latest cyber stories that show how fast the game keeps changing. DeFi exploit drains funds Critical…
-
Marquis Data Breach Exposes Dozens of U.S. Banks and Credit Unions
A significant cybersecurity incident affecting multiple U.S. financial institutions came to light on November 26, 2025, when Marquis Software Solutions notified affected customers of a ransomware attack. The breach, discovered on August 14, 2025, compromised the personal information of thousands of customers across numerous banks and credit unions throughout the United States. Marquis Software Solutions,…
-
Marquis data breach impacts over 74 US banks, credit unions
Financial software provider Marquis Software Solutions is warning that it suffered a data breach that impacted dozens of banks and credit unions across the US. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/marquis-data-breach-impacts-over-74-us-banks-credit-unions/
-
How Financial Institutions Can Future-Proof Their Security Against a New Breed of Cyber Attackers
As we look at the remainder of 2025 and beyond, the pace and sophistication of cyber attacks targeting the financial sector show no signs of slowing. In fact, based on research from Check Point’s Q2 Ransomware Report, the financial cybersecurity threat landscape is only intensifying. Gone are the days when the average hacker was a..…
-
How Financial Institutions Can Future-Proof Their Security Against a New Breed of Cyber Attackers
As we look at the remainder of 2025 and beyond, the pace and sophistication of cyber attacks targeting the financial sector show no signs of slowing. In fact, based on research from Check Point’s Q2 Ransomware Report, the financial cybersecurity threat landscape is only intensifying. Gone are the days when the average hacker was a..…
-
CSO 30 Awards 2025: Celebrating Excellence, Innovation and Leadership in Cybersecurity
Tags: advisory, ai, automation, awareness, backup, business, ceo, cio, cyber, cybersecurity, data, endpoint, finance, google, governance, healthcare, incident response, infosec, jobs, office, phishing, ransomware, resilience, risk, service, strategy, technology, threatUK CSO 30 2025 winner Greg Emmerson (right) with judge Andrew Barber (left) CSO UK / FoundryGreg Emmerson stood out for transforming both the culture and capability of Applegreen’s security organization. Emmerson established regional Centres of Excellence to strengthen collaboration and skill development across global teams, modernizing operations through Continuous Threat Exposure Management and enterprise-wide canary tooling. By unifying identities and embedding advanced…
-
CSO 30 Awards 2025: Celebrating Excellence, Innovation and Leadership in Cybersecurity
Tags: advisory, ai, automation, awareness, backup, business, ceo, cio, cyber, cybersecurity, data, endpoint, finance, google, governance, healthcare, incident response, infosec, jobs, office, phishing, ransomware, resilience, risk, service, strategy, technology, threatUK CSO 30 2025 winner Greg Emmerson (right) with judge Andrew Barber (left) CSO UK / FoundryGreg Emmerson stood out for transforming both the culture and capability of Applegreen’s security organization. Emmerson established regional Centres of Excellence to strengthen collaboration and skill development across global teams, modernizing operations through Continuous Threat Exposure Management and enterprise-wide canary tooling. By unifying identities and embedding advanced…
-
FTC schools edtech outfit after intruder walked off with 10M student records
Regulator says Illuminate ignored years of warnings, stored kids’ data in plain text, and kept districts in the dark First seen on theregister.com Jump to article: www.theregister.com/2025/12/02/ftc_illuminate/
-
Fake Calendly invites spoof top brands to hijack ad manager accounts
An ongoing phishing campaign impersonates popular brands, such as Unilever, Disney, MasterCard, LVMH, and Uber, in Calendly-themed lures to steal Google Workspace and Facebook business account credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-calendly-invites-spoof-top-brands-to-hijack-ad-manager-accounts/
-
FTC schools edtech outfit after intruder walked off with 10M student records
Regulator says Illuminate ignored years of warnings, stored kids’ data in plain text, and kept districts in the dark First seen on theregister.com Jump to article: www.theregister.com/2025/12/02/ftc_illuminate/
-
Arkanix Stealer Emerges as New Threat: Steals VPN Logins, Wi-Fi Credentials, and Screenshots
A newly discovered information-stealing malware called Arkanix is rapidly evolving to target sensitive user data, including VPN credentials, system information, and wireless network passwords. Security researchers have identified this emerging threat as a short-lived, profit-driven malware designed for quick financial exploitation through the sale of stolen data and direct credential compromise. The threat actors behind…
-
Key questions CISOs must ask before adopting AI-enabled cyber solutions
Questions to ask vendors about their AI security offerings: There are several areas where CISOs will want to focus their attention when considering AI-powered cyber solutions, including the following:Shadow AI: Uncovering and addressing shadow AI throughout the organization is a key issue for security leaders today. But so too is ensuring that sanctioned AI-enabled solutions…
-
Key questions CISOs must ask before adopting AI-enabled cyber solutions
Questions to ask vendors about their AI security offerings: There are several areas where CISOs will want to focus their attention when considering AI-powered cyber solutions, including the following:Shadow AI: Uncovering and addressing shadow AI throughout the organization is a key issue for security leaders today. But so too is ensuring that sanctioned AI-enabled solutions…
-
Key questions CISOs must ask before adopting AI-enabled cyber solutions
Questions to ask vendors about their AI security offerings: There are several areas where CISOs will want to focus their attention when considering AI-powered cyber solutions, including the following:Shadow AI: Uncovering and addressing shadow AI throughout the organization is a key issue for security leaders today. But so too is ensuring that sanctioned AI-enabled solutions…
-
Edtech company settles with FTC in wake of data breach
Wisconsin-based Illuminate Education will implement a data security program and delete unnecessary data under an agreement with the Federal Trade Commission prompted by a 2021 breach of the company’s network. First seen on therecord.media Jump to article: therecord.media/illuminate-education-data-breach-settlement-ftc
-
Edtech company settles with FTC in wake of data breach
Wisconsin-based Illuminate Education will implement a data security program and delete unnecessary data under an agreement with the Federal Trade Commission prompted by a 2021 breach of the company’s network. First seen on therecord.media Jump to article: therecord.media/illuminate-education-data-breach-settlement-ftc