Tag: finance
-
UK banks urged to beef up anti-fraud systems for international payments
Data reveals ‘notable increase’ in scammers tricking people into sending money abroadUK banks and payment firms have been urged to strengthen their anti-fraud systems for international payments after a rise in scammers tricking people into sending money abroad.After years of horror stories about people losing huge sums through bank transfer scams, rules came into force…
-
Top Cloud Vulnerabilities in Fintech and How to Fix Them
Tags: banking, cloud, computing, cyber, finance, fintech, international, mobile, service, technology, threat, vulnerabilityFor financial technology (FinTech) organizations, cloud security is both a top priority and a significant concern, as highlighted by a study conducted by McKinsey and the Institute of International Finance (IIF). FinTech companies increasingly rely on cloud computing to power services such as mobile banking, digital payments, and investment platforms. However, as cyber threats grow……
-
NetBird malware spread in advanced finance exec-targeted spear-phishing
First seen on scworld.com Jump to article: www.scworld.com/brief/netbird-malware-spread-in-advanced-finance-exec-targeted-spear-phishing
-
Autonomous Payment or Anarchy? AI Gets Purchasing Power
As Visa and Mastercard Deploy AI Agents, Experts Ask: Who Holds the Receipt?. When AI assistants order groceries or book flights, who’s responsible when something goes wrong? That question is no longer hypothetical. As Visa and Mastercard enable AI agents to perform transactions on behalf of cardholders, experts weigh the legal, security and privacy stakes.…
-
US Banks Urge SEC to Repeal Cyber Disclosure Rule
Five major banking associations in the US claim the new SEC cyber incident disclosure rule puts a strain on their resources First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-banks-sec-repeal-cyber/
-
Why privacy in blockchain must start with open source
Traditionally, trust came from centralized institutions. Banks, payment networks, and clearinghouses are closed systems. Users cannot see the inner workings, but they rely on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/30/open-source-blockchain-privacy/
-
5 ways teams can comply with the FTC’s GoDaddy ruling
Tags: financeFirst seen on scworld.com Jump to article: www.scworld.com/perspective/5-ways-teams-can-comply-with-the-ftcs-godaddy-ruling
-
Adversarial AI: The new frontier in financial cybersecurity
The financial sector is adept at balancing risk and opportunity. Adversarial AI is its next big challenge First seen on theregister.com Jump to article: www.theregister.com/2025/05/29/qa_adversarial_ai_financial_services_2025/
-
Most LLMs don’t pass the security sniff test
Advice to CSOs: Lee said that CSOs should consider the following before approving any LLM:Training data: figure out where the model got its info. Random web grabs expose your secrets;Prompt history: if your questions stick around on their servers, they’ll turn up in the next breach bulletin;Credentials: stolen API keys and weak passwords keep attackers…
-
Risk assessment vital when choosing an AI model, say experts
Advice to CSOs: Lee said that CSOs should consider the following before approving any LLM:Training data: figure out where the model got its info. Random web grabs expose your secrets;Prompt history: if your questions stick around on their servers, they’ll turn up in the next breach bulletin;Credentials: stolen API keys and weak passwords keep attackers…
-
Smashing Security podcast #419: Star Wars, the CIA, and a WhatsApp malware mirage
Why is a cute Star Wars fan website now redirecting to the CIA? How come Cambodia has become the world’s hotspot for scam call centres? And can a WhatsApp image really drain your bank account with a single download, or is it just a load of hacker hokum? First seen on grahamcluley.com Jump to article:…
-
CFOs, financial execs in crosshairs of ‘highly targeted’ spearphishing campaign
Hackers are preying on senior corporate leaders at banks, investment firms, utilities and insurance companies worldwide. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/spearphishing-remote-access-campaign-cfos-finance-executives-trellix/749192/
-
More than $12 million stolen from crypto platform Cork Protocol
Decentralized finance platform Cork Protocol paused trading and launched an investigation after millions of dollars’ worth of Ethereum were lost in a “security incident.” First seen on therecord.media Jump to article: therecord.media/cork-protocol-defi-12million-crypto-theft
-
Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands
The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial institutions in Peru before expanding its scope to virtual cards and cryptocurrency wallets. This malware, known for impersonating legitimate Peruvian Android apps, tricks users into granting accessibility permissions, thereby enabling extensive data theft and remote control capabilities. Evolution of a…
-
Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘RentBank-Account’ Scam
Cybercriminals are exploiting vulnerable individuals by transforming them into unwitting money mules through a sophisticated fraud known as the ‘rent-a-bank-account’ scam. This scam involves fraudsters enticing people, often those in financial distress, with promises of quick cash in exchange for temporarily “lending” their bank accounts for transactions. Luring Victims with Promises of Easy Money A…
-
Your Mobile Apps May Not Be as Secure as You Think”¦ FireTail Blog
Tags: access, ai, android, api, authentication, banking, best-practice, cloud, control, cyber, cybersecurity, data, encryption, finance, leak, mobile, password, phone, risk, threat, vulnerabilityMay 28, 2025 – Lina Romero – Your Mobile Apps May Not Be as Secure as You Think”¦ Excerpt: Cybersecurity risks are too close for comfort. Recent data from the Global Mobile Threat Report reveals that our mobile phone applications are most likely exposing our data due to insecure practices such as API key hardcoding.…
-
FTC Orders GoDaddy to Bolster Its Security After Years of Attacks
Web hosting giant GoDaddy for years has mislead customers about the strength of its security program, but after a series of data breaches, the FTC is ordering the company to implements robust defenses and stop lying about its cybersecurity capabilities. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/ftc-orders-godaddy-to-bolster-its-security-after-years-of-attacks/
-
‘Secure email’: A losing battle CISOs must give up
End-to-end encryption remains elusive: Email continues to be the dominant electronic communication tool today because it is well understood, relatively easy to use, and relatively inexpensive. By and large, businesses have approved email for sending confidential information, and we often convince ourselves that it is secure, can be secured with third-party tools, or it’s “good…
-
Will AI agent-fueled attacks force CISOs to fast-track passwordless projects?
Tags: access, ai, api, attack, authentication, breach, business, ciso, cloud, credentials, cyber, cybersecurity, data, fido, finance, framework, google, Hardware, identity, login, metric, microsoft, okta, passkey, password, phishing, privacy, risk, risk-management, service, technology, threat, tool, update, zero-trustPasswordless options: In retiring passwords, security leaders will need to consider their options, passkeys, biometrics, and third-party login services, looking for the best technical, usability, and security fit. There are pros and cons for each option, and in many cases CISOs may be guided towards one based on their existing environment.Passkeys, used by Microsoft, Samsung,…
-
Masimo says cyberattack will not prevent it from fulfilling orders
The maker of patient monitoring devices said the incident will not have a material effect on its updated financial outlook. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/masimo-cyberattack-fulfilling-orders/749076/
-
Adidas Falls Victim to Third-Party Data Breach
Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy’s customer service help desk were impacted. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/adidas-victim-third-party-data-breach
-
Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets
Tags: access, antivirus, credentials, crypto, cybercrime, cybersecurity, finance, malicious, rat, softwareCybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into downloading a remote access trojan called Venom RAT.The campaign indicates a “clear intent to target individuals for financial gain by compromising their credentials, crypto wallets, and potentially selling access to their systems,” the…
-
Code security in the AI era: Balancing speed and safety under new EU regulations
Tags: ai, compliance, cyber, finance, government, open-source, programming, regulation, resilience, risk, software, technology, tool, update, vulnerability, windowsThe regulatory response: EU Cyber Resilience Act European regulators have taken notice of these emerging risks. The EU Cyber Resilience Act is set to take full effect in December 2027, and it imposes comprehensive security requirements on manufacturers of any product that contains digital elements.Specifically, the act mandates security considerations at every stage of the…
-
Iranian Cybergroup Toufan Targets Organizations to Steal Login Credentials
A pro-Palestinian cybergroup called Cyber Toufan, which means >>cyber storm,
-
Feel Relieved by Perfecting Your NHI Tactics
Is Your Cybersecurity Strategy Ready for Non-Human Identities? Non-Human Identities (NHIs) and Secrets Security Management have emerged as crucial components of a comprehensive cybersecurity strategy. These powerful tools, once adequately managed, can significantly decrease the risk of security breaches and data leaks. Professionals in various sectors, including financial services, healthcare, travel, DevOps, and SOC teams,……
-
How Free Are Your NHIs from Cyber Threats?
How Secure Are Your Non-Human Identities From Cyber Threats? Are you confident that your non-human identities (NHIs) are free from cyber threats? If your initial reaction is uncertainty or hesitation, don’t worry, you are not alone. Many organizations face challenges in securing their NHIs, regardless of the industry they belong to, including healthcare, financial services,……
-
Fake DigiYatra Apps Target Indian Users to Steal Financial Data
Threat actors have been exploiting the trust in India’s digital public infrastructure by setting up a deceptive phishing site, digiyatra[.]in, impersonating the DigiYatra Foundation. This fraudulent website, still live at the time of reporting, is being used to harvest personal user data by presenting itself as an official service for air travelers. Data Harvesting The…