Tag: finance
-
Benchmarks QA: What the finance sector’s new X9 PKI standard signals for other industries
Tags: financeAs organizations brace for the rising tide of machine identities and prepare for a post-quantum cryptographic era, a quiet but crucial shift is underway in the financial sector: the deployment of a new, private PKI standard designed specifically to meet… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/benchmarks-qa-what-the-finance-sectors-new-x9-pki-standard-signals-for-other-industries/
-
Multiple iHeartRadio stations breached in December
Tags: financeSeveral radio stations owned by iHeartMedia were breached in December, exposing Social Security numbers, financial information and more. First seen on therecord.media Jump to article: therecord.media/iheart-radio-stations-breached-december
-
Firefox’s Future Uncertain Without Google Search Deal, Insider Warns
Mozilla’s Chief Financial Officer testified that Firefox could face extinction if Justice Department proposals targeting Google’s search dominance are fully implemented, revealing the browser’s precarious financial position amid ongoing antitrust proceedings. Mozilla Corporation CFO Eric Muhlheim delivered stark testimony Friday, characterizing the potential loss of Google search revenue as >>very frightening
-
>>Firefox’s Future Uncertain Without Google Search Deal, Insider Warns<<
Mozilla’s Chief Financial Officer testified that Firefox could face extinction if Justice Department proposals targeting Google’s search dominance are fully implemented, revealing the browser’s precarious financial position amid ongoing antitrust proceedings. Mozilla Corporation CFO Eric Muhlheim delivered stark testimony Friday, characterizing the potential loss of Google search revenue as >>very frightening
-
US Readies Huione Group Ban Over Cybercrime Links
Huione Group Helped Criminals Launder Over $4 Billion Worth of Cybercrime Proceeds. The U.S. Department of Treasury set in motion a process to ban a Cambodian company’s access to the dollar financial system for running a vast illicit marketplace for cybercrime tools and laundering billions of dollars on behalf of North Korean and other cybercrime…
-
Luna Moth extortion hackers pose as IT help desks to breach US firms
The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/luna-moth-extortion-hackers-pose-as-it-help-desks-to-breach-us-firms/
-
ANZ Bank to Eliminate Passwords for Digital Banking Services
Tags: authentication, banking, breach, credentials, cybercrime, finance, hacker, malware, mfa, password, serviceHackers Bypass MFA to Steal Australians’ Banking Credentials. Melbourne-based ANZ Bank will introduce passwordless authentication for digital banking services amid news that hackers have stolen the banking credentials of tens of thousands of Australians. Cybercriminals used infostealer malware to steal the credentials of more than 30,000 Australians. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/anz-bank-to-eliminate-passwords-for-digital-banking-services-a-28288
-
CISO vs CFO: why are the conversations difficult?
Tags: ai, attack, breach, business, ciso, compliance, cyber, cyberattack, cybersecurity, finance, insurance, jobs, metric, ransomware, RedTeam, risk, risk-management, saas, strategy, technology, threat, toolmight happen, which often means the best outcome is nothing happens. That’s a tough sell.”Although a single cyberattack can wipe out millions of dollars, CFOs and CISOs often approach cybersecurity from fundamentally different perspectives. Bridging this divide requires more than just better communication, it demands, as Argyle put it, a shift in mindset. The disconnect…
-
How OSINT supports financial crime investigations
In this Help Net Security interview, Stuart Clarke, CEO at Blackdot Solutions, discusses the strategic use of open-source intelligence (OSINT) in tackling financial crime. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/05/stuart-clarke-blackdot-solutions-financial-crime-osint/
-
AI Bots Take Over Cybersecurity at HDFC Bank
HDFC Bank’s Sameer Ratolikar on the Automation Shift in Security. HDFC Bank’s CISO Sameer Ratolikar shares the bank’s vision of becoming an AI-first institution, emphasizing architectural simplicity, agentic AI for threat detection and balancing automation with human expertise to enhance cybersecurity and customer experience. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-bots-take-over-cybersecurity-at-hdfc-bank-a-28241
-
Treasury Moves to Ban Huione Group for Laundering $4 Billion
The Treasury Department is moving to cut off Huione Group, a Cambodian conglomerate, from the U.S. financial system, saying the firm and its multiple entities laundered billions of dollars for North Korea’s Lazarus Group and criminal gangs running pig-butchering scams from Southeast Asia. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/treasury-moves-to-ban-huione-group-for-laundering-4-billion/
-
M&S boss urges shoppers to visit stores in person as it battles cyber-attack
Retailer ‘working day and night’ to tackle incident that has hit its online operationsThe boss of Marks & Spencer has urged customers to come into its stores to shop in person this bank holiday weekend as the retailer works “day and night” to tackle the cyber-attack that has crippled its online operation.The retailer’s IT systems…
-
Scattered Spider Linked to Marks & Spencer Hack
Retailer Continues to Recover From Ransomware Incident. British retailer Marks & Spencer was reportedly targeted by financial crime group Scattered Spider, who deployed ransomware on the company’s VMware ESXi server. The retailer continues to recover from a cyber incident that disrupted operations in its online and offline stores. First seen on govinfosecurity.com Jump to article:…
-
Cryptohack Roundup: KiloEX Offers Compensation
Also, Nike Sued Over Shutdown of NFT Subsidiary. This week, KiloEX compensation after Oracle exploit, Nike sued over NFT shutdown, SEC dropped probe into PayPal PYUSD, Long Island man sentenced for crypto fraud, Americans lost billions to crypto scams, Loopscale exploiter agreed to return stolen funds and bank regulators softened stance on crypto. First seen…
-
M&S unable to take on new workers as disruptions continue after cyber-attack
Retailer pulls all job postings from its website after attack as experts try to restore services<ul><li><a href=”https://www.theguardian.com/business/live/2025/may/01/tesla-elon-musk-successor-trump-tariffs-growth-gdp-bank-of-japan-microsoft-rolls-royce-ftse-100-sterling-business-live”>Business live latest updates</li></ul>Marks & Spencer is unable to hire new workers as the retailer continues to suffer disruption to its operations caused by a <a href=”https://www.theguardian.com/business/2025/apr/28/m-and-s-cyber-attack-crisis-orders-data-marks-spencer-website-apps-refund”>cyber-attack.The company confirmed on Thursday that it had pulled all online job postings…
-
Ticket Resale Platform TicketToCash Left 200GB of User Data Exposed
A misconfigured, non-password-protected database belonging to TicketToCash exposed data from 520,000 customers, including PII and partial financial details…. First seen on hackread.com Jump to article: hackread.com/ticket-resale-platform-tickettocash-exposed-user-data/
-
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics
Russian companies have been targeted as part of a large-scale phishing campaign that’s designed to deliver a known malware called DarkWatchman.Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said.The activity is assessed to be the work of a…
-
The 14 most valuable cybersecurity certifications
Tags: access, ai, application-security, attack, automation, best-practice, blockchain, blueteam, china, cisa, cisco, ciso, cloud, compliance, computer, computing, conference, control, country, credentials, cryptography, cyber, cybersecurity, data, defense, encryption, endpoint, exploit, finance, governance, government, guide, hacker, hacking, incident response, intelligence, Internet, jobs, kali, law, linux, malware, metric, microsoft, monitoring, network, penetration-testing, privacy, reverse-engineering, risk, risk-analysis, risk-management, skills, threat, training, vulnerability, windowsIndustry recognition Who’s to say one certification is more respected than another? Such criteria can be very subjective, so we turned to the most direct and unbiased source to cut through the ambiguity: job listings. In addition to education, skills, and qualifications, employers often specify certs they seek in their ideal candidate. These mentions carry…
-
Online fraud peaks as breaches rise
Data breaches played a key role in significant financial losses faced by consumers due to fraud. In this Help Net Security video, Steve Yin, Global Head of Fraud at … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/01/online-fraud-breaches-video/
-
Russian APT28 hackers have redoubled efforts during Ukraine war, says French security agency
Tags: apt, attack, backdoor, cisco, credentials, crowdstrike, cyber, detection, exploit, finance, government, group, hacker, hacking, infrastructure, intelligence, Internet, mail, malicious, military, monitoring, network, phishing, russia, service, theft, ukraine, vpn, vulnerabilityTargeting and Compromise of French Entities Using the APT28 Intrusion Set, the group now aggressively targets the networks of government organizations and companies connected to Ukraine’s allies, including France.Since 2021, the group has targeted specific industrial sectors including aerospace, financial services, think tanks and research, local government, and government ministries.Nothing APT28 does stands out as…
-
BSidesLV24 Ground Truth Looking For Smoke Signals In Financial Statements, For Cyber
Author/Presenter: Brandon Pinzon Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/bsideslv24-ground-truth-looking-for-smoke-signals-in-financial-statements-for-cyber/
-
Feel Relieved with Effective Least Privilege Tactics
Why are Least Privilege Tactics Crucial in the Cybersecurity Landscape? The question that frequently arises among cybersecurity experts is, “How can we effectively mitigate these risks?” One noteworthy strategy adopted by professionals across various industries, including financial services, healthcare, and travel, is the use of least privilege tactics. This approach is particularly valuable for organizations……
-
Enterprise-specific zero-day exploits on the rise, Google warns
Tags: access, apple, apt, attack, china, cisco, cloud, crime, crimes, cyberespionage, detection, endpoint, exploit, finance, flaw, google, group, Hardware, incident response, injection, Internet, ivanti, korea, lessons-learned, mandiant, microsoft, mitigation, network, north-korea, remote-code-execution, russia, service, strategy, technology, threat, tool, update, vpn, vulnerability, zero-daySurge in network edge device exploitation: Of the 33 zero-day vulnerabilities in enterprise-specific products, 20 targeted hardware appliances typically located at the network edge, such as VPNs, security gateways, and firewalls. Notable targets last year included Ivanti Cloud Services Appliance, Palo Alto Networks’ PAN-OS, Cisco Adaptive Security Appliance, and Ivanti Connect Secure VPN.Targeted attacks against…
-
New Framework Targets Rising Financial Crime Threats
New Zealand Model Brings Cyber and Fraud Teams Together to Defend Against Scammers. To help financial institutions counter crime, the FS-ISAC earlier this month introduced a major initiative: the Cyberfraud Prevention Framework. This new initiative is designed to unify cybersecurity and fraud prevention teams to more effectively protect customers and secure the enterprise. First seen…
-
2025 The International Year of Quantum Science and Technology
Tags: access, attack, cloud, compliance, computer, conference, crypto, cryptography, cybersecurity, data, encryption, finance, government, group, Hardware, infrastructure, international, lessons-learned, network, nist, regulation, risk, risk-assessment, software, strategy, technology, tool2025 The International Year of Quantum Science and Technology divya Tue, 04/29/2025 – 07:48 It is no surprise that the United Nations declared 2025 as the International Year of Quantum Science and Technology (IYQ). Not only does it mark the 100-year point since quantum physics were discovered, but for those who have been following, the…
-
Your NHIDR Is Getting Better”, How?
Why Does Improving Non-Human Identity and Data Response (NHIDR) Matter? How often do we consider the impact of Non-Human Identities (NHIs) on our data security? The management of NHIs and their accompanying secrets has become an indispensable necessity for businesses. From financial services and healthcare to travel and DevOps, professionals across various domains are realizing……