Tag: finance
-
UK proposal would forbid ransom payments by gov’t agencies, but will it meaningfully decrease ransomware attacks?
Tags: attack, backup, business, ceo, dark-web, data, finance, government, group, hacker, intelligence, law, ransom, ransomware, threat
Businesses often want to pay ransom: Fred Chagnon, principal research director at Info-Tech Research Group noted that, from a business continuity perspective, it can make sense to pay the ransom. “Paying the ransom can sometimes be the quickest and least damaging path to restoring operations, especially if backups are compromised or recovery is prohibitively slow. While…
-
Dell demonstration platform breached by World Leaks extortion group
Tags: access, attack, breach, data, data-breach, defense, encryption, exploit, extortion, finance, group, insurance, international, leak, network, ransomware, risk, risk-management, strategy, threat, tool
Limited impact but strategic implications: Dell emphasized that the breached platform is architecturally separated from customer-facing networks and internal production systems. “Data used in the solution center is primarily synthetic (fake) data, publicly available datasets used solely for product demonstration purposes or Dell scripts, systems data, non-sensitive information, and testing outputs,” the report added, quoting…
-
Coyote Trojan First to Use Microsoft UI Automation in Bank Attacks
Coyote Trojan becomes first malware to abuse Microsoft’s UI Automation in real attacks, targeting banks and crypto platforms with stealthy tactics. First seen on hackread.com Jump to article: hackread.com/coyote-trojan-use-microsoft-ui-automation-bank-attacks/
-
Malicious LNK File Posing as Credit Card Security Email Steals User Data
Tags: authentication, credit-card, cyber, data, email, exploit, finance, malicious, powershell, threat
Threat actors have deployed a malicious LNK file masquerading as a credit card company’s security email authentication pop-up to pilfer sensitive user information. The file, named “card_detail_20250610.html.lnk,
-
MSPs unprepared to deal with financial impact of cyber attacks
Insights into the attitude of managed service providers to ransomware from CyberSmart has exposed a mixed response towards planning for the worst First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366627764/MSPs-unprepared-to-deal-with-financial-impact-of-cyber-attacks
-
Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks
ASIC said the financial services firm’s failings led to a data breach impacting nearly 10,000 clients First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/australian-alleges-financial-cyber/
-
Financial Institutions Under Siege by Greedy Sponge Hackers’ Modified AllaKore RAT
A financially motivated threat actor, now identified as Greedy Sponge, has been relentlessly targeting Mexican organizations with a customized version of the AllaKore Remote Access Trojan (RAT). Named for its monetary focus and a past reference to a popular “SpongeBob” meme on its command-and-control (C2) infrastructure, this group has evolved its tactics over the years.…
-
The CISO code of conduct: Ditch the ego, lead for real
Where do we go from here?: To put a stop to this rising issue, we need to stop pretending this is someone else’s problem. We stop excusing toxic behavior just because someone carries the right title. And we stop treating leadership like it’s an untouchable domain reserved for those with the loudest voices or the…
-
New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk
Tags: access, ai, attack, awareness, ceo, compliance, cyber, cybersecurity, data, finance, government, identity, office, phishing, resilience, risk, risk-management, strategy, technology, threat, training
Human risk is concentrated, not widespread: Just 10% of employees are responsible for nearly three-quarters (73%) of all risky behavior. Visibility is alarmingly low: Organizations relying solely on security awareness training (SAT) have visibility into only 12% of risky behavior, compared to 5X that for mature HRM programs. Risk is often misidentified: Contrary to popular belief, remote…
-
Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry
The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/21/serial-spyware-founder-scott-zuckerman-wants-the-ftc-to-unban-him-from-the-surveillance-industry/
-
The Overlooked Risk in AI Infrastructure: Physical Security
As artificial intelligence (AI) accelerates across industries from financial modeling and autonomous vehicles to medical imaging and logistics optimization, one issue consistently flies under the radar: Physical security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/the-overlooked-risk-in-ai-infrastructure-physical-security/
-
SquidLoader Malware Campaign Hits Hong Kong Financial Firms
Trellix exposes SquidLoader malware targeting Hong Kong, Singapore, and Australia’s financial service institutions. Learn about its advanced evasion tactics and stealthy attacks. First seen on hackread.com Jump to article: hackread.com/squidloader-malware-hits-hong-kong-financial-firms/
-
Threat actors scanning for apps incorporating vulnerable Spring Boot tool
Tags: access, attack, authentication, ciso, compliance, country, credentials, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, finance, flaw, governance, group, hacker, incident response, infrastructure, Internet, kev, nist, organized, password, risk, technology, threat, tool, vulnerability, zero-day
/health endpoints, commonly used to detect internet-exposed Spring Boot deployments. If vulnerable implementations of apps, including TeleMessage SGNL, are found, they could be exploited to steal sensitive data in heap memory, including plaintext usernames and passwords. The hole is serious enough that it was added this week to the US Cybersecurity and Infrastructure Security Agency’s Known Exploited…
-
ISMG Editors: Seychelles Bank Breach Echoes ‘Panama Papers’
Also: Train Hack Risks Outed by CISA Alert; AI Comprehension Issues Won’t Go Away. In this week’s update, four ISMG editors discussed the potential global implications of the Seychelles Commercial Bank data breach; the real-world threat of train hacks following an alert about a critical railway vulnerability; and growing concerns around AI’s comprehension problem. First…
-
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Tags: cyber, cyberespionage, cybersecurity, espionage, finance, government, group, hacker, military, russia, tool
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently…
-
Clément Domingo: “We are not using AI correctly to defend ourselves”
Tags: access, ai, attack, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, dark-web, finance, government, group, hacker, infrastructure, intelligence, Internet, jobs, law, malicious, malware, office, password, programming, ransom, startup, threat, tool, training
startup, but dedicated to cybercrime in a very efficient way,” Domingo tells via email. “Most have what we call affiliates, which allows them to operate worldwide and attack any organization or entity. In most cases, the startup keeps 20% of the ransom and the accomplice takes 80%.” These are companies that, as he details, offer all…
-
Google sues 25 alleged BadBox 2.0 botnet operators, all of whom are in China
Ads giant complains of damage to its reputation and finances … and crime, too First seen on theregister.com Jump to article: www.theregister.com/2025/07/17/google_sues_25_unnamed_chinese/
-
China-Backed Hackers Intensify Attacks on Taiwan Chipmakers
3 State-Sponsored Groups Spear-Phish Semiconductor Ecosystem. Chinese state-aligned hackers have ramped up espionage efforts against Taiwan’s semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/china-backed-hackers-intensify-attacks-on-taiwan-chipmakers-a-29004
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M pounds for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…
-
Estimated 96% of EMEA financial services sector not ready for DORA
Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627913/Estimated-96-of-EMEA-financial-services-sector-not-ready-for-DORA
-
Cryptohack Roundup: Abacus Market’s Suspected Exit Scam
Also: Scammer Gets 12-Year Sentence for Dodging Restitution. Abacus Market’s suspected exit scam, crypto scammer gets 12 years for dodging restitution, GMX exploiter returns funds, BigOne’s $27M hack, Arcadia Finance’s $3.5M theft, NZ woman’s trial for alleged murder and a DOJ crypto fraud filing’s potential unmasking of MoonPay victims. First seen on govinfosecurity.com Jump to…
-
Topsy-Turvy Data Breach Reality: Incidents Up, Victims Down
Most Compromises Trace to Financial Services, Healthcare, Professional Services. Data breaches rage on. In the first half of this year, the Identity Theft Resource Center counted 1,732 total data breaches affecting 166 million people, marking a rise in data breaches but a decline in victims, likely due to a drop in mega-breaches. First seen on…
-
H2Miner Targets Linux, Windows, and Containers to Illicitly Mine Monero
FortiGuard Labs researchers have uncovered a sophisticated cryptomining campaign where the H2Miner botnet, active since late 2019, has expanded its operations to target Linux, Windows, and containerized environments simultaneously. The campaign represents a significant evolution in cross-platform cryptocurrency mining attacks, with threat actors leveraging updated scripts and infrastructure to maximize financial gains from compromised systems.…
-
Chinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt Strike
Proofpoint Threat Research has identified a sophisticated multi-pronged cyberespionage campaign targeting Taiwan’s semiconductor industry between March and June 2025. Three distinct Chinese state-sponsored threat actors, designated as UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp, conducted coordinated phishing operations against organizations spanning semiconductor manufacturing, design, testing, supply chain entities, and financial investment analysts specializing in the Taiwanese semiconductor market.…
-
China-linked hackers target Taiwan chip firms in a coordinated espionage campaign
Tags: access, ai, attack, china, compliance, control, credentials, cyber, cybersecurity, detection, email, espionage, exploit, finance, framework, government, group, hacker, intelligence, international, login, monitoring, network, phishing, software, supply-chain, technology, threat, warfare
Investment banks in the crosshairs: A second group, UNK_DropPitch, targeted the financial ecosystem surrounding Taiwan’s semiconductor industry. This group conducted phishing campaigns against investment banks, focusing on individuals specializing in Taiwanese semiconductor analysis. The phishing emails purported to come from fictitious financial firms seeking collaboration opportunities. The third group, UNK_SparkyCarp, focused on credential harvesting through sophisticated…
-
Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors. “Targets of these campaigns ranged from organizations involved in the manufacturing, design, and testing of semiconductors and integrated circuits, wider equipment and services supply chain entities within this sector, as well as financial investment First seen on thehackernews.com…
-
Most European Financial Firms Still Lagging on DORA Compliance
A Veeam survey found that 96% of financial services organizations believe their current levels of data resilience fall short of DORA compliance, citing major challenges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/european-financial-dora-compliance/
-
How AI is changing the GRC strategy
Tags: access, ai, best-practice, breach, business, ciso, compliance, control, data, detection, finance, framework, fraud, governance, grc, guide, law, monitoring, network, nist, privacy, regulation, risk, risk-analysis, risk-management, strategy, threat, tool
Adapting existing frameworks with AI risk controls: AI risks include data safety, misuse of AI tools, privacy considerations, shadow AI, bias and ethical considerations, hallucinations and validating results, legal and reputational issues, and model governance to name a few. AI-related risks should be established as a distinct category within the organization’s risk portfolio by integrating into…
-
SquidLoader Deploys Stealthy Malware with Near-Zero Detection to Evade Security Measures
A fresh variant of SquidLoader malware has surfaced, actively entering Hong Kong institutions with previously unheard-of stealth, which is alarming for the financial industry. This sophisticated loader achieves near-zero detection rates on platforms like VirusTotal, leveraging intricate anti-analysis, anti-sandbox, and anti-debugging mechanisms to deploy Cobalt Strike Beacons for remote access. The malware’s attack chain begins…

