Tag: finance
-
New DoubleTrouble Banking Malware Targets Users Through Phishing Sites to Steal Credentials
Researchers at zLabs have been closely monitoring the DoubleTrouble banking trojan, a rapidly evolving malware strain that has shifted its tactics to exploit unsuspecting users across Europe. Initially disseminated via phishing websites mimicking reputable banks, the trojan has now adapted to more insidious distribution methods, including bogus sites hosting samples directly in Discord channels. This…
-
Hacker Arrested for Data Theft Targeting Spanish Bank Customers
Spanish authorities have successfully apprehended a sophisticated cybercriminal who allegedly stole sensitive data from major financial institutions, educational organizations, and private companies across the country. The arrest represents a significant victory in the ongoing battle against cybercrime targeting Spanish citizens and businesses. A collaborative effort between the Mossos d’Esquadra (Catalan police) and Spain’s National Police…
-
Firewalls umgangen: Hacker infiltrieren Netzwerk einer Bank per Raspberry Pi
Der Raspberry Pi wurde einfach am Switch eines Geldautomaten angeschlossen. Dank 4G-Modem konnten sich die Angreifer danach im Netzwerk austoben. First seen on golem.de Jump to article: www.golem.de/news/firewalls-umgangen-hacker-infiltrieren-netzwerk-einer-bank-per-raspberry-pi-2507-198674.html
-
In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network
Sophisticated group also used novel means to disguise their custom malware. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/in-search-of-riches-hackers-plant-4g-enabled-raspberry-pi-in-bank-network/
-
Cybersecurity Trends 2025: What’s Really Coming for Your Digital Defenses
Cybersecurity trends in 2025 reveal rising AI threats, quantum risks, and supply chain attacks, pushing firms to adapt or face major data and financial losses. First seen on hackread.com Jump to article: hackread.com/cybersecurity-trends-2025-whats-your-digital-defenses/
-
Applying Tenable’s Risk-based Vulnerability Management to the Australian Cyber Security Centre’s Essential Eight
Tags: ai, attack, breach, business, cloud, compliance, container, control, cvss, cyber, cybersecurity, data, data-breach, defense, endpoint, finance, firewall, framework, google, government, identity, incident response, infrastructure, intelligence, Internet, microsoft, mitigation, network, ransomware, risk, service, software, strategy, technology, threat, tool, update, vpn, vulnerability, vulnerability-management, windows, zero-dayLearn how Thales Cyber Services uses Tenable to help customers navigate the maturity levels of the Essential Eight, enabling vulnerability management and staying ahead of cyber threats. In today’s fast-moving digital world, cyber threats are more advanced and relentless than ever. A single security breach can mean financial loss, reputational damage and operational chaos. That’s…
-
Hackers plant 4G Raspberry Pi on bank network in failed ATM heist
The UNC2891 hacking group, also known as LightBasin, used a 4G-equipped Raspberry Pi hidden in a bank’s network to bypass security defenses in a newly discovered attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-plant-4g-raspberry-pi-on-bank-network-in-failed-atm-heist/
-
Hidden Backdoor Found in ATM Network via Raspberry Pi
A covert ATM attack used a Raspberry Pi to breach bank systems, employing stealthy malware and anti-forensics techniques First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/backdoor-atm-network-raspberry-pi/
-
Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage
The identity crisis driving this deal: Walk into any CISO’s office these days, and they’ll tell you the same story: hackers don’t need to break down the front door anymore. They just steal legitimate credentials and walk right in.”Today, most breaches originate not from malware or misconfigured ports but from stolen or misused credentials,” Tyagi…
-
Palo Alto Networks eyes $20B CyberArk deal as identity security takes center stage
The identity crisis driving this deal: Walk into any CISO’s office these days, and they’ll tell you the same story: hackers don’t need to break down the front door anymore. They just steal legitimate credentials and walk right in.”Today, most breaches originate not from malware or misconfigured ports but from stolen or misused credentials,” Tyagi…
-
AccuKnox partners with CyberKnight to deliver Zero Trust Security for a Leading Global Bank in the UAE.
Menlo Park, United States, 30th July 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/accuknox-partners-with-cyberknight-to-deliver-zero-trust-security-for-a-leading-global-bank-in-the-uae/
-
India’s Financial Capital Mumbai Suffers $135 Million Loss in Cyber Frauds
suffered staggering financial losses amounting to Rs 1,127 crore (approximately $135 million) between January 2024 and March 2025. According to data released by the Mumbai Police, First seen on thecyberexpress.com Jump to article: thecyberexpress.com/mumbai-loses-usd-135-million-to-cyber-frauds/
-
How CISOs can scale down without compromising security
Tags: breach, business, ciso, compliance, control, cybersecurity, data, detection, finance, framework, gartner, governance, intelligence, jobs, metric, open-source, regulation, resilience, risk, soc, strategy, threat, tool, training, vulnerabilityStrategic risk (high, medium, low): What’s the actual exposure if this control fails?Business alignment: Which functions are enabling revenue, customer trust, or compliance?No-brainers: These are redundant tools, shelfware, or “security theatre” controls that look good on paper but deliver no measurable protection.For this assessment, Mahdi brings together a cross-functional team that includes business unit leaders,…
-
Android Banking Malware Masquerades as Government Agencies to Attack Users
Tags: android, attack, banking, cyber, exploit, finance, government, intelligence, malware, phishingCyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate applications from Vietnamese government and financial institutions to deceive users. This malware, first observed in the wild around January 2025, exploits phishing websites mimicking entities like the State Bank of Vietnam, Sacombank, Central Power Corporation,…
-
How FinServ Firms Can Navigate Secure Open Finance in 2025 and Beyond
Banks Must Secure APIs, Vet Partners and Prepare for Open Finance Threats in 2025 Open finance is revolutionizing banking, but it’s also expanding the attack surface. Discover the critical API, data privacy and third-party risks facing financial institutions in 2025 – and how to build a secure future. First seen on govinfosecurity.com Jump to article:…
-
Seychelles Commercial Bank Reported Cybersecurity Incident
Seychelles Commercial Bank on Friday said it had recently identified and contained a cybersecurity incident. A hacker claims to have stolen and sold the personal data of clients of Seychelles Commercial Bank. The bank, which provides personal and corporate services on Seychelles, one of the world’s smallest countries, notified customers of a hack, but said…
-
Cyble Launches Essential 8 Cybersecurity Support Package for Australian Financial Sector
MELBOURNE, Australia First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cyble-introduces-support-package-in-australia/
-
Cyble Uncovers RedHook Android Trojan Targeting Vietnamese Users
Cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) have uncovered a new Android banking trojan called RedHook that is actively targeting Vietnamese mobile users. The malware is distributed via carefully crafted phishing sites impersonating trusted financial and government agencies. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/redhook-android-banking-trojan-exploiting/
-
Why behavioral intelligence is becoming the bank fraud team’s best friend
In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/29/seth-ruden-biocatch-financial-institutions-fraud-prevention/
-
Allianz Life Breach Tied to CRM Compromise
Attackers Stole US Customer Data Using Social Engineering. A malicious actor breached a customer relationship management platform used by Allianz Life Insurance of North America on July 16 and stole personally identifiable information of most of its 1.4 million U.S. customers, financial professionals and some employees, the company said. First seen on govinfosecurity.com Jump to…
-
UNC3886 Hackers Target Singapore’s Critical Infrastructure by Exploiting 0-Day Vulnerabilities
Tags: china, cyber, cyberattack, exploit, finance, government, group, hacker, infrastructure, mandiant, service, threat, vulnerability, zero-daySingapore’s critical infrastructure sectors, including energy, water, telecommunications, finance, and government services, are facing an active cyberattack from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group renowned for leveraging zero-day exploits and custom malware. First identified by Mandiant in 2022, UNC3886 has been operational since at least 2021, with confirmed activities exploiting vulnerabilities in…
-
Threat Actors Claim Breach of Airpay Payment Gateway
Cybercriminals have reportedly claimed a successful breach of Airpay, an Indian payment gateway service, raising serious concerns about the security of financial data and customer information. The allegations surfaced on underground forums where threat actors are allegedly offering access to sensitive data for sale, though the full extent and validity of the claimed breach remains…
-
Six months into DORA, most financial firms are still not ready
It’s been six months since the EU’s Digital Operational Resilience Act (DORA) came into effect, but a new Censuswide survey shows that nearly all financial services … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/25/dora-compliance-challenges-financial-firms/
-
Coyote malware is first-ever malware abusing Windows UI Automation
Tags: automation, banking, credentials, crypto, exploit, finance, framework, malware, microsoft, windowsNew Coyote malware uses Windows UI Automation to steal banking credentials, targeting Brazilian users across 75 banks and crypto platforms. Coyote malware is now the first to exploit Microsoft’s UI Automation framework in the wild, validating prior warnings from Akamai researchers in December 2024. The UI Automation (UIA) framework is a Microsoft accessibility framework that…
-
Banking Trojan Coyote Abuses Windows UI Automation
It’s the first known instance of malware that abuses the UIA framework and has enabled dozens of attacks against banks and crypto exchanges in Brazil. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/banking-trojan-coyote-windows-ui-automation