Tag: finance
-
DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States
The US also conducted searches of 29 laptop farms across 16 states and seized 29 financial accounts used to launder funds. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/doj-disrupts-north-korean-it-worker-scheme
-
US Sanctions Aeza Group for Hosting Infostealers, Ransomware
Russian Bulletproof Host Also Designated a Front Company in the UK. The United States cut off from the U.S.-dominated international financial system a Russian provider of digital infrastructure to cybercriminal groups, accusing St. Petersburg-based Aeza Group of hosting infostealers and ransomware operations. The U.S. said Aeza is a bulletproof hosting service. First seen on govinfosecurity.com…
-
Ahold Delhaize USA says cyberattack exposed personal data of 2M people
The intruders who gained access to the grocer’s online systems in November had access to information including birthdays, Social Security numbers and bank account details. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ahold-delhaize-usa-cyberattack-grocery-personal-data-exposed/752053/
-
How OTP Works (Step-by-Step), What Really Happens Behind Those One-Time Codes
Introduction You’ve probably seen those little one-time codes pop up when you’re logging into your bank, email, or some app… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/how-otp-works-step-by-step-what-really-happens-behind-those-one-time-codes/
-
50 customers of French bank hit after insider helped SIM swap scammers
French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/50-customers-of-french-bank-hit-after-insider-helped-sim-swap-scammers
-
Blind Eagle Hackers Leverage Open-Source RATs and Ciphers to Evade Static Detection
Trustwave SpiderLabs has uncovered a chilling cyber threat targeting Latin American organizations, particularly in the financial sector, with a focus on Colombian institutions. The threat cluster, linked to the notorious Proton66 OOO infrastructure, employs a cunning mix of open-source Remote Access Trojans (RATs) and advanced obfuscation techniques to bypass static detection mechanisms. Unmasking a Sophisticated…
-
U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers. The coordinated action saw searches of 21 known or suspected “laptop farms” between June 10…
-
US DOJ makes progress combatting North Korean remote IT worker schemes
Any organization is at risk: During a media briefing, senior DOJ and FBI officials noted that at least one of the organizations that had unknowingly contracted the illicit workers was a government contractor, but, they said, anyone in the US posting jobs for remote workers is at risk. “The threat posed by DPRK operatives is both…
-
CISOs must rethink defense playbooks as cybercriminals move faster, smarter
Tags: access, automation, breach, business, cisco, ciso, crowdstrike, cybercrime, cybersecurity, data, defense, finance, incident response, Intruder, okta, ransomware, siem, technology, threat
Threat actor containment: Increasingly ‘surgical’ and best with a plan: Even after an intruder has been identified, today’s rapid pace of adversary activity is also straining cybersecurity teams’ ability to contain intruders before they can cause damage. “If I’m a CISO, if I’m responsible for detecting and remediating that incident before it progresses to becoming a…
-
U.S. Arrests Key Facilitator in North Korean IT Worker Scheme, Seizes $7.74 Million
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers. The coordinated action saw searches of 21 known or suspected “laptop farms” across 14 states…
-
How cybercriminals are weaponizing AI and what CISOs should do about it
In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/01/defending-ai-powered-cybercrime/
-
Cyberattack on a Bank in Kentucky, USA
We have been targeted by a cyberattack. First seen on mbcbank.com Jump to article: www.mbcbank.com/
-
U.S. DOJ Cracks Down on North Korean Remote IT Workforce Operating Illegally
The U.S. Department of Justice (DOJ) has announced a major crackdown on North Korea’s covert use of remote information technology (IT) workers to siphon millions from American companies and fund its weapons programs. The coordinated law enforcement actions resulted in the arrest of a New Jersey man, the seizure of 29 financial accounts, 21 fraudulent…
-
Improving NHIs Management in Your Organization
Is Your Organization Harnessing the Full Power of Non-Human Identities? The increasing reliance on automation and cloud computing in industries such as healthcare, financial services, and travel has led to a surge in Non-Human Identities (NHIs). Deployed effectively, these machine identities can significantly streamline operations. However, their management presents a new layer of complexity in…
-
US DOJ announces progress combatting North Korean remote IT worker schemes
Any organization is at risk: During a media briefing, senior DOJ and FBI officials noted that at least one of the organizations that had unknowingly contracted the illicit workers was a government contractor, but, they said, anyone in the US posting jobs for remote workers is at risk. “The threat posed by DPRK operatives is both…
-
UNFI expects financial hit from cyberattack as recovery continues
First seen on scworld.com Jump to article: www.scworld.com/brief/unfi-expects-financial-hit-from-cyberattack-as-recovery-continues
-
In an FTC antitrust win, Meta could face divestitures
Tags: finance
The FTC argues that Meta acquired Instagram and WhatsApp to eliminate competition in social media networks. If the FTC wins its case, Meta could be forced to sell those products. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366626759/In-an-FTC-antitrust-win-Meta-could-face-divestitures
-
Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks
The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said it was able to make this connection by pivoting from Proton66-linked digital assets, leading to the discovery of an active threat cluster that leverages…
-
Identity Security Best Practices Compliance, What Smart Teams Should Be Doing Now
Introduction Let’s be real, no one wakes up thinking about identity security. It’s one of those things that quietly works in the background… until it doesn’t. And when it fails, it’s usually a total disaster. Think about it. Every time you log into your bank, your company’s dashboard, or even your social media, your… First…
-
Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat
Tags: access, advisory, ai, api, attack, authentication, best-practice, cisa, computer, computing, crypto, cryptography, cyber, cybersecurity, data, defense, encryption, exploit, finance, framework, google, governance, government, group, hacker, healthcare, infrastructure, injection, intelligence, Internet, iran, login, mfa, military, mitigation, mitre, network, nist, passkey, password, programming, ransomware, risk, rust, service, software, strategy, tactics, technology, terrorism, threat, tool, training, vulnerability, warfare
Check out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Dive into five things that are top of mind for the…
-
Data spill in aisle 5: Grocery giant Ahold Delhaize says 2.2M affected after cyberattack
Finance, health, and national identification details compromised First seen on theregister.com Jump to article: www.theregister.com/2025/06/27/ahold_delhaize_breach/
-
Navigating a Heightened Cyber Threat Landscape: Military Conflict Increases Attack Risks
Tags: advisory, ai, attack, authentication, breach, business, cloud, container, control, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, finance, firmware, group, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iran, mfa, military, network, password, risk, russia, service, strategy, tactics, technology, terrorism, threat, tool, update, vulnerability, vulnerability-management
The current geopolitical climate demands a proactive, comprehensive approach to cybersecurity. Here’s what you need to know, and how Tenable can help. The cybersecurity landscape is in constant flux, but rarely do we see such a rapid escalation of threats as we are currently experiencing. The U.S. Department of Homeland Security’s (DHS) National Terrorism Advisory…
-
Frequently Asked Questions About Iranian Cyber Operations
Tags: access, advisory, api, apt, attack, authentication, awareness, cisa, cloud, credentials, cve, cyber, cybersecurity, data, data-breach, defense, dos, exploit, finance, framework, government, group, Hardware, identity, infrastructure, injection, Internet, iran, ivanti, malware, mfa, microsoft, middle-east, military, mitre, monitoring, network, password, ransomware, rce, remote-code-execution, risk, service, software, supply-chain, tactics, technology, terrorism, threat, tool, update, vpn, vulnerability, windows
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Iranian cyber operations in the wake of the recent conflict and…
-
The Age of Integrity
We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical records are all integrity attacks. More broadly, integrity refers to ensuring…
-
Lunar Spider Lotus V2 Loader Campaign Using Fake CAPTCHA Delivery and DLL Sideloading
Lunar Spider is a financially motivated cybercrime group that has been active since at least 2017. The group primarily engages in financial fraud and access First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/06/27/lunar-spider-lotus-v2-loader-campaign-using-fake-captcha-delivery-and-dll-sideloading/
-
APT36 Hackers Launching Cyberattacks on Government Entities, Financial Sectors, and Critical Systems
Tags: apt, cyber, cyberattack, exploit, finance, government, group, hacker, infrastructure, threat, usa, vulnerability
The cyber threat group APT-C-36, widely known as Blind Eagle, has been orchestrating sophisticated cyberattacks targeting a range of sectors across Latin America, with a pronounced focus on Colombian organizations. This group has consistently zeroed in on government institutions, financial organizations, and critical infrastructure, exploiting vulnerabilities with a blend of technical prowess and social engineering.…
-
Retail giant Ahold Delhaize says data breach affects 2.2 million people
Ahold Delhaize, one of the world’s largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/retail-giant-ahold-delhaize-says-data-breach-affects-22-million-people/

