Tag: finance
-
Colossal breach exposes 4B Chinese user records in surveillance-grade database
Tags: breach, china, cybercrime, cybersecurity, data, data-breach, disinformation, exploit, finance, fraud, group, identity, infrastructure, insurance, intelligence, iphone, leak, mobile, organized, phishing, phone, threataccording to cybersecurity firm Cybernews, which reported its findings based on its own research.What makes this breach particularly alarming isn’t just its size, though at four billion records, it’s believed to be the largest single-source leak of Chinese personal data ever found, it’s the breadth and depth of information that was exposed.According to the report, the researchers stumbled…
-
More robust children’s online privacy law sought by FTC chair
First seen on scworld.com Jump to article: www.scworld.com/brief/more-robust-childrens-online-privacy-law-sought-by-ftc-chair
-
#Infosec2025: Cybersecurity Lessons From Maersk’s Former CISO
2017 ransomware attack on shipping company A P Moller Maersk marked a turning point for the cybersecurity industry, according to its former CISO Adam Banks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-lessons-maersk-ciso/
-
Top Cybersecurity Tools for Higher Education: Protecting Institutions
Universities have always been places of learning and innovation. Yet, in today’s digital world, they’re also prime targets for cybercriminals. From online learning platforms to student records, from research databases to financial systems, the amount of sensitive data that higher education institutions store has grown exponentially”, and so have the risks. Between AI-fueled disruption, rising…
-
Hackers Exploit New HTML Trick to Deceive Outlook Users into Clicking Malicious Links
Cybersecurity researchers have encountered a cleverly crafted phishing email targeting Czech bank customers, employing a lesser-known but highly deceptive technique to bypass security mechanisms and trick users into clicking malicious links. At first glance, the email appears to be a standard phishing attempt, masquerading as a legitimate message from a Czech bank and urging recipients…
-
Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts but executives want to understand risk in terms of financial exposure, operational impact,…
-
Outlook Users Targeted by New HTML-Based Phishing Scheme
A recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate users. The attack, initially appearing as a standard phishing attempt impersonating a Czech bank, leverages conditional HTML comments to display different content depending on the email client used to open the…
-
FTC chair implores Congress to strengthen children’s online privacy protection law
The FTC’s Andrew Ferguson called on Congress to update federal law to get rid of exceptions for tech firms that handle children’s data. First seen on therecord.media Jump to article: therecord.media/ftc-chair-implores-congress-to-strengthen-childrens-privacy-law
-
UAE Central Bank Tells FIs to Drop SMS, OTP Authentication
Banking Sector Faces Challenges in Meeting March 2026 Compliance Deadline. The Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected. First seen on govinfosecurity.com Jump to…
-
100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
MPs on Treasury committee hear that those affected were being contacted and would face ‘no financial loss’HM Revenue & Customs has lost £47m after a phishing scam breached tens of thousands of tax accounts, a group of MPs has heard.Two senior civil servants at the tax authority told the Treasury committee that 100,000 people had…
-
Cartier, North Face, MainStreet Bank among retailers struck by cyberattacks
First seen on scworld.com Jump to article: www.scworld.com/news/cartier-north-face-mainstreet-bank-among-retailers-struck-by-cyberattacks
-
MainStreet Bank data pilfered in third-party hack
First seen on scworld.com Jump to article: www.scworld.com/brief/mainstreet-bank-data-pilfered-in-third-party-hack
-
Posture ≠Protection
CSPM, DSPM, ASPM, SSPM, ESPM, the alphabet soup of Security Posture Management (SPM) tools promises visibility into risk. They map misconfigurations, surface exposure paths and highlight policy gaps. That can be useful. But let’s not confuse awareness with action. They don’t block threats.They don’t enforce controls.They don’t prevent breaches. SPMs detect, then delegate. A ticket.…
-
Crocodilus malware adds fake entries to victims’ contact lists in new scam campaign
Researchers are warning about the rise of Crocodilus malware, which can trick victims into thinking that a fraudster is contacting them from a trusted number, such as a bank’s support line. First seen on therecord.media Jump to article: therecord.media/crocodilus-android-malware-banking-fraud
-
Russian Hacker Black Owl Targets Critical Industries to Steal Financial Data
A pro-Ukrainian hacktivist group known as BO Team, also operating under aliases such as Black Owl, Lifting Zmiy, and Hoody Hyena, has emerged as a formidable threat to Russian organizations in 2025. This group, which publicly declared its intentions via a Telegram channel in early 2024, has been implicated in a series of devastating cyberattacks…
-
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America.The malware, according to a new report published by ThreatFabric, has also adopted improved obfuscation techniques to hinder analysis and detection, and includes the ability to create new contacts in the victim’s…
-
ThreatPlattformen ein Kaufratgeber
Tags: ai, attack, automation, breach, cisa, cloud, crowdstrike, cyber, cyberattack, dark-web, deep-fake, dns, edr, exploit, finance, firewall, gartner, identity, incident response, intelligence, mail, malware, monitoring, network, open-source, phishing, risk, siem, soar, soc, threat, tool, vulnerability, zero-dayThreat-Intelligence-Plattformen erleichtern es, Bedrohungen zu durchdringen und wirksame Abwehrmaßnahmen zu ergreifen.Der erste Schritt zu einem soliden Enterprise-Security-Programm besteht darin, eine geeignete Threat-Intelligence-Plattform (TIP) auszuwählen. Fehlt eine solche Plattform, haben die meisten Security-Teams keine Möglichkeit, Tool-Komponenten miteinander zu integrieren und angemessene Taktiken und Prozesse zu entwickeln, um Netzwerke, Server, Applikationen und Endpunkte abzusichern. Aktuelle Bedrohungstrends machen…
-
Bankers Association’s attack on cybersecurity transparency
A coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/03/bankers-association-attack-on-cybersecurity-transparency/
-
Bank in Virginia, USA von Cyberangriff auf einen Dienstleister betroffen
Form 8-K First seen on sec.gov Jump to article: www.sec.gov/Archives/edgar/data/1693577/000143774925019008/main20250328_8k.htm
-
MainStreet Bank reports vendor cyber incident that leaked customer info
In regulatory filings with the Securities and Exchange Commission, MainStreet Bank’s holding company said a cyber incident connected to a third-party vendor had exposed information. First seen on therecord.media Jump to article: therecord.media/Main-street-cyber-incident-bank
-
US community bank says thieves drained customer data through third party hole
Disclosure at MainStreet Bancshares comes as American finance orgs beg for looser reporting requirements First seen on theregister.com Jump to article: www.theregister.com/2025/06/02/mainstreet_bancshares_says_thirdparty_breach/
-
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia. “In what appears to be a multi-stage phishing operation, the…
-
X-Konto einer staatlichen Bank in Bolivien gehackt
Tags: financeCiberataque al Banco Unión: usan su cuenta para promover criptomonedas First seen on abyayala.tv.bo Jump to article: abyayala.tv.bo/ciberataque-al-banco-union-usan-su-cuenta-para-promover-criptomonedas/
-
Zero-Knowledge-Protokoll: Was Sie über zk-SNARK wissen sollten
Zero-Knowledge-Protokolle wie zk-SNARK nutzen die kleinstmögliche Informationsmenge zur Authentifizierung.Unter den Zero-Knowledge-Protokollen nimmt zk-SNARK (Zero-knowledge succinct non-interactive argument or knowledge) eine Sonderrolle ein es ist das populärste. Weil Zero-Knowledge-Systeme die Art und Weise, wie Authentifizierung funktioniert, revolutionieren könnten, gewinnen sie zunehmend an Bedeutung, während sie sich stetig weiterentwickeln. Die Mathematik, die hinter diesen Systemen und Protokollen…