Tag: finance
-
FTC approves $126 million in Fortnite refunds over ‘dark patterns’
Tags: financeThe Federal Trade Commission (FTC) has approved $126,000,000 in refunds to be sent to 969,173 Fortnite players as part of a settlement over allegations that Epic Games tricked users into making unwanted purchases. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/ftc-approves-126-million-in-fortnite-refunds-over-dark-patterns/
-
Open-source tools leveraged to compromise African financial sector
First seen on scworld.com Jump to article: www.scworld.com/brief/open-source-tools-leveraged-to-compromise-african-financial-sector
-
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access.Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where “CL” refers to “cluster” and “CRI” stands for “criminal…
-
Bankers Association’s Attack on Cybersecurity Transparency
Tags: attack, awareness, banking, breach, ciso, control, cybersecurity, data, extortion, finance, group, incident response, infrastructure, insurance, law, malicious, ransomware, riskA coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made a disgraceful appeal to the SEC to eliminate the rule requiring public disclosure of material cybersecurity incidents within four days of detection. This rule was established to ensure shareholders are properly…
-
Hackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in Africa
The threat actor used a combination of open-source and publicly available tools to establish their attack framework First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-financial-businesses-africa/
-
Clearspeed Raises $60M to Scale AI Voice-Based Risk Platform
Voice Analytics Firm to Expand Footprint in Finance, Defense and Insurance. Clearspeed will use its $60 million raise to build out teams and technology as it scales its AI-powered voice screening platform across finance, insurance and security sectors. CEO Alex Martin said the firm aims to double revenue and push into conservative sectors seeking AI-powered…
-
LLMs hype versus reality: What CISOs should focus on
Tags: ai, attack, backdoor, breach, business, chatgpt, ciso, cloud, control, corporate, cyber, cybercrime, cybersecurity, data, finance, governance, LLM, malware, monitoring, network, open-source, risk, risk-management, sans, service, software, supply-chain, technology, threat, tool, vulnerabilitynot using AI even though there is a lot of over-hype and promise about its capability. That said, organizations that don’t use AI will get left behind. The risk of using AI is where all the FUD is.”In terms of applying controls, rinse, wash, and repeat the processes you followed when adopting cloud, BYOD, and…
-
Umgerechnet € 322.000 bei der Migration des IT-Systems einer Bank im Senegal gestohlen
Tags: financeEmptied accounts at BICIS First seen on senenews.com Jump to article: www.senenews.com/en/senegal/emptied-accounts-at-bicis-how-modou-diom-and-sunday-akamib-managed-to-hack-the-system-8534.html
-
Trump wants to axe rules affecting business competition
As the FTC and DOJ work to assess what rules to cut, lawmakers disagree on how deregulation will affect U.S. markets. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366626445/Trump-wants-to-axe-rules-affecting-business-competition
-
Bank of America, Netflix, and Microsoft Hacked to Inject Fake Phone Numbers
Jérôme Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands like Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. This sophisticated attack, technically termed a >>search parameter injection attack,
-
Weaponized DMV-Themed Phishing Scam Targets U.S. Citizens to Steal Personal and Financial Data
A highly coordinated phishing campaign impersonating various U.S. state Departments of Motor Vehicles (DMVs) has emerged as a significant threat, targeting citizens across multiple states with the intent to harvest personal and financial data. This sophisticated operation employs SMS phishing, commonly known as smishing, by sending alarming text messages from spoofed numbers that often appear…
-
Between Buzz and Reality: The CTEM Conversation We All Need
I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it.Let me introduce them.Alex Delay, CISO at IDB Bank, knows what it means to defend a highly…
-
Unstructured Data Management: Closing the Gap Between Risk and Response
Unstructured Data Management: Closing the Gap Between Risk and Response madhav Tue, 06/24/2025 – 05:44 The world is producing data at an exponential rate. With generative AI driving 90% of all newly created content, organizations are overwhelmed by an ever-growing data estate. More than 181 zettabytes of data now exist globally”, and 80% of it…
-
Successful Military Attacks are Driving Nation States to Cyber Options
Tags: attack, china, communications, computing, cyber, cyberattack, cybersecurity, data, defense, exploit, extortion, finance, fraud, government, healthcare, infrastructure, iran, korea, middle-east, military, north-korea, russia, service, tactics, technology, tool, ukraine, vulnerability, warfareWith daring military attacks, kinetic warfare is shifting the balance of power in regions across the globe, upending the perception of power projection. Powerful nations are reeling from the impacts of bold assaults and seeking additional methods to drive foreign policy”Š”, “Šcyber may look as an appealing asymmetric warfare capability that is worth doubling-down on.…
-
New bipartisan Senate measure seeks to curtail AI-based finance deepfake schemes
First seen on scworld.com Jump to article: www.scworld.com/brief/new-bipartisan-senate-measure-seeks-to-curtail-ai-based-finance-deepfake-schemes
-
Warum echte Datenresilienz den Realitätscheck braucht
Jahrelang haben viele Unternehmen das Thema Datenresilienz auf die lange Bank geschoben. Im Laufe der Zeit hat die Zunahme an Bedrohungen, Vorschriften und Best Practices jedoch die Spielregeln verändert. Datenresilienz steht mittlerweile fest auf der To-Do-Liste vieler Unternehmen und das ist auch dringend notwendig. Datenresilienz Zeit für ein Umdenken Problem-Bewusstsein allein ist zwar […] First…
-
Warum echte Datenresilienz den Realitätscheck braucht
Jahrelang haben viele Unternehmen das Thema Datenresilienz auf die lange Bank geschoben. Im Laufe der Zeit hat die Zunahme an Bedrohungen, Vorschriften und Best Practices jedoch die Spielregeln verändert. Datenresilienz steht mittlerweile fest auf der To-Do-Liste vieler Unternehmen und das ist auch dringend notwendig. Datenresilienz Zeit für ein Umdenken Problem-Bewusstsein allein ist zwar […] First…
-
DDoS Attack on Financial Sector Triggers Multi-Day Service Outages
In an analysis by FS-ISAC and Akamai, the financial services sector has emerged as the primary target of Distributed Denial of Service (DDoS) attacks, with a dramatic surge in both the frequency and volume of malicious traffic. These attacks, designed to overwhelm systems and disrupt operations, have evolved into highly sophisticated campaigns that exploit complex…
-
The financial impact of Marks Spencer and Co-op cyberattacks could reach £440M
UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between £270M and £440M. In early May, the attackers behind…
-
10 tough cybersecurity questions every CISO must answer
2. How can we achieve the right security balance for our company’s risk tolerance?: To play that consultative role, CISOs also need to ask and answer that question, says Vandy Hamidi, CISO of public accounting and advisory firm BPM.”My role is to reduce risk in a way that enables the business to operate confidently while…
-
How CISOs can justify security investments in financial terms
In this Help Net Security interview, John Verry, Managing Director at CBIZ, discusses how insurers and financial risk professionals evaluate cybersecurity maturity through … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/23/john-verry-cbiz-cyber-risk-business-terms/
-
Report Warns of Sophisticated DDoS Campaigns Crippling Global Banks
A new FS-ISAC and Akamai report warns that sophisticated DDoS attacks are severely impacting the global financial sector, leading to multi-day outages. Learn about these evolving threats and how institutions can strengthen defences. First seen on hackread.com Jump to article: hackread.com/sophisticated-ddos-campaigns-crippling-global-banks/
-
Financial deepfake scams targeted in bipartisan Senate bill
New legislation seeks the creation of a Treasury-led task force to examine and combat AI-fueled scams that trick Americans out of their money. First seen on cyberscoop.com Jump to article: cyberscoop.com/financial-deepfake-scams-targeted-in-bipartisan-senate-bill/
-
Iran’s government says it shut down internet to protect against cyberattacks
The government cited the recent hacks on Bank Sepah and cryptocurrency exchange Nobite as reasons to shut down internet access to virtually all Iranians. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/20/irans-government-says-it-shut-down-internet-to-protect-against-cyberattacks/
-
A ransomware attack pushed the German napkin firm Fasana into insolvency
A cyberattack pushed the German napkin firm Fasana into insolvency, likely worsening existing financial troubles and serving as the final blow. German napkin maker Fasana filed for insolvency after a major cyberattack on May 19 paralyzed its systems, halting over Euro250K in orders the next day. The napkin factory is located in Stotzheim, Germany, and…
-
How to conduct an effective post-incident review
Tags: breach, business, ciso, compliance, credentials, cyber, cybersecurity, detection, email, finance, governance, group, incident, incident response, lessons-learned, phishing, risk, service, software, tool, training, update, vulnerabilityPerform a root-cause analysis: Your post-incident review must include a root-cause analysis, Taylor says. “Identifying the underlying issues that caused the incident is essential for avoiding future cyber incidents,” he says.The post-incident review team should examine the root causes of the incident, whether they are technical, procedural, or human-related, and implement corrective actions and preventive…
-
How Financial Institutions Can Meet DORA Compliance with Crypto-Agility
Today’s financial systems are highly digital and deeply interconnected. That’s great until something breaks. Whether it’s ransomware paralyzing critical services or cryptographic vulnerabilities quietly eroding trust, disruptions are no longer rare”, they’re systemic. The Modern Heist Bank Report 2025 shows just how serious it’s become: 64% of surveyed financial institutions reported cyber incidents in the…