Tag: finance
-
Breach Roundup: A WhatsApp Flaw Ushered in Spyware
Also: France Temporarily Lifts Pavel Durov’s Travel Ban Amid Telegram Probe. This week, Paragon Solutions spread through WhatsApp, France suspended Pavel Durov’s travel ban, Vapor malware hit 60M Android users, state-backed hackers exploit a Windows flaw, Western Alliance Bank exposed customers data, Apple fixed a passwords bug, and a sperm bank exposed customer information. First…
-
New Windows zero-day feared abused in widespread espionage for years
.The zero-day vulnerability, tracked as ZDI-CAN-25373, has yet to be publicly acknowledged and assigned a CVE-ID by Microsoft. ZDI-CAN-25373 has to do with the way Windows displays the contents of .lnk files, a type of binary file used by Windows to act as a shortcut to a file, folder, or application, through the Windows UI.A…
-
FTC commissioners fired as federal agencies face reckoning
The FTC, IRS and other federal agencies providing business oversight face policy shifts and restructuring measures under President Donald Trump’s administration. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366621090/FTC-commissioners-fired-as-federal-agencies-face-reckoning
-
The State of Digital Trust in 2025 Consumers Still Shoulder the Responsibility
Tags: access, ai, authentication, banking, breach, captcha, cloud, compliance, control, cyber, data, deep-fake, encryption, finance, fintech, framework, GDPR, government, healthcare, identity, india, insurance, law, login, malicious, metric, mfa, mitigation, password, privacy, regulation, resilience, risk, service, software, strategy, switch, technology, threat, toolThe State of Digital Trust in 2025 – Consumers Still Shoulder the Responsibility madhav Thu, 03/20/2025 – 04:52 Trust remains the cornerstone of digital interactions, yet its foundations are increasingly fragile in an era of sophisticated cyber threats and evolving consumer expectations. The 2024 Digital Trust Index gave us extremely important insights into the expectations…
-
UK cyber agency suggests 2035 deadline to move to quantum-safe encryption, warns of threats
Tags: banking, cloud, computing, cyber, cybersecurity, encryption, finance, infrastructure, nist, risk, service, threat, vulnerabilityChallenges for enterprises: The NCSC’s roadmap underscores the urgency of transitioning to PQC, but businesses may face significant challenges in meeting the proposed timelines.The migration process could be complex, costly, and disruptive, requiring organizations to overhaul encryption protocols embedded in critical infrastructure, financial systems, and cloud services.Kawoosa pointed out that while enterprises typically have basic…
-
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers
Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security…
-
Why No-Reply Emails Are a Cybersecurity Hazard
No-reply emails may seem convenient, but they pose serious cybersecurity risks. Learn how they enable phishing, spoofing, and financial fraud”, and how to protect your business. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/why-no-reply-emails-are-a-cybersecurity-hazard/
-
Names, bank info, and more spills from top sperm bank
Cyber-crime is officially getting out of hand First seen on theregister.com Jump to article: www.theregister.com/2025/03/19/sperm_bank_data_leak/
-
Hackers Exploit Unpatched ChatGPT Bug
Over 10K Exploit Attempts Recorded in a Week From a Single Malicious IP. Hackers are exploiting a vulnerability in ChatGPT’s infrastructure to redirect users to malicious websites, with security researchers recording more than 10,000 exploit attempts in a week from a single malicious IP address. The financial sector has borne the brunt of the attacks.…
-
Trump moves to fire Democratic FTC commissioners
The move, which critics say is unconstitutional, also potentially threatens numerous agency investigations and enforcement around privacy and cybersecurity. First seen on cyberscoop.com Jump to article: cyberscoop.com/trump-moves-to-fire-democratic-ftc-commissioners/
-
Western Alliance Bank notifies 21,899 customers of data breach
Arizona-based Western Alliance Bank is notifying nearly 22,000 customers their personal information was stolen in October after a third-party vendor’s secure file transfer software was breached. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/western-alliance-bank-notifies-21-899-customers-of-data-breach/
-
Western Alliance Bank says nearly 22,000 impacted by file transfer software breach
Phoenix-based Western Alliance Bank filed data breach notices saying about 22,000 people were affected by an incident involving file transfer software. First seen on therecord.media Jump to article: therecord.media/western-alliance-bank-data-breach
-
ChatGPT SSRF bug quickly becomes a favorite attack vector
Tags: attack, chatgpt, cve, cybersecurity, exploit, finance, flaw, government, threat, vulnerabilityThreat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government organizations. Cybersecurity firm Veriti reports that threat actors are exploiting a server-side request forgery (SSRF) vulnerability, tracked as CVE-2024-27564 (CVSS score of 6.5), in ChatGPT to target financial and government organizations in the US. The…
-
How can I optimize costs while securing NHIs in cloud environments?
Are Cost Optimization and Security Identical Goals in Cloud Management? While cost optimization and robust security may appear to be odds with each other, an integrated approach that leverages Non-Human Identities (NHIs) can strike a perfect balance. From financial services to healthcare and travel, organizations operating in diverse sectors are realising the immense potential of……
-
Western Alliance Bank Discloses Data Breach Linked to Cleo Hack
The personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p’s hacking of the Cleo file transfer tool. The post Western Alliance Bank Discloses Data Breach Linked to Cleo Hack appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/western-alliance-bank-discloses-data-breach-linked-to-cleo-hack/
-
ChatGPT Vulnerability Exploited Against US Government Organizations
A year-old vulnerability in ChatGPT is being exploited against financial entities and US government organizations. The post ChatGPT Vulnerability Exploited Against US Government Organizations appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chatgpt-vulnerability-exploited-against-us-government-organizations/
-
How financial institutions can minimize their attack surface
In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/18/sunil-mallik-discover-financial-institutions-security/
-
Crypto exchange OKX shuts down tool used by North Korean hackers to launder stolen funds
OKX said it detected a coordinated effort by one of North Korea’s most prolific hacking outfits to misuse its decentralized finance (DeFi) services. First seen on therecord.media Jump to article: therecord.media/crypto-okx-shuts-down-exchange
-
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’
Regulators Say FIIG Lacked Basic Security Measures to Prevent 2023 Breach. The Australian financial regulator has filed a lawsuit against FIIG Securities Limited, accusing the leading investment and financing company of having inadequate cybersecurity controls to stop a threat actor from stealing the confidential personal information of 18,000 customers. First seen on govinfosecurity.com Jump to…
-
How Oracle is using AI to combat financial crime
The tech giant is leveraging artificial intelligence to surface fraudulent financial transactions and improve the efficiency of financial crime investigations, offering relief to banks battling high costs and alert fatigue First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366621012/How-Oracle-is-using-AI-to-combat-financial-crime
-
UK Cybersecurity Weekly News Roundup 16 March 2025
Tags: access, apple, attack, backdoor, backup, compliance, control, cyber, cyberattack, cybercrime, cybersecurity, data, encryption, finance, firewall, government, group, hacking, insurance, law, lockbit, malicious, network, office, privacy, ransomware, regulation, risk, russia, service, software, virusWelcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Government’s Stance on Encryption Raises Global Concerns The UK government has ordered Apple to provide backdoor access to iCloud users’ encrypted backups under the Investigatory Powers Act of 2016. This secret order…
-
Researchers Remotely Hack Commercial Trucks Buses to Unlock Them
Security researchers have issued an urgent warning that commercial trucks and buses are significantly more vulnerable to cybersecurity attacks than passenger vehicles, potentially leading to catastrophic consequences. According to a comprehensive analysis by security experts, trucks represent more attractive targets for hackers due to their complex software systems, standardized components, and greater potential financial gains…
-
âš¡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Tags: attack, cybersecurity, exploit, finance, fraud, group, Hardware, malware, open-source, pypi, ransomware, router, supply-chain, threat, toolFrom sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source First…
-
Paypal-Alarm: Schütze dein Konto vor dieser neuen Betrugsmasche
Tags: financeFirst seen on t3n.de Jump to article: t3n.de/news/paypal-schuetze-dein-konto-vor-dieser-betrugsmasche-1677218/
-
7 misconceptions about the CISO role
Tags: api, attack, breach, business, ceo, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, defense, exploit, finance, firewall, governance, infrastructure, insurance, jobs, network, password, phishing, resilience, risk, risk-assessment, risk-management, saas, software, startup, strategy, technology, threat, tool, training, update, vulnerabilityKatie Jenkins, EVP and CISO, Liberty Mutual Insurance Liberty Mutual InsuranceThe field is changing so rapidly, Jenkins adds, she needs to commit time to keeping up on research and connecting with other CISOs for knowledge exchange.In addition to securing infrastructure, an effective CISO focuses on securing the business, experts say. This requires understanding how security…
-
Reading the Data Breach Tea Leaves: Preventing Data Exfiltration Before it Happens
Data exfiltration has traditionally been the end goal among threat actors whether it’s for financial gain, political gain or to simply wreak havoc. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/reading-the-data-breach-tea-leaves-preventing-data-exfiltration-before-it-happens/
-
Biggest Cyber Threats to the Healthcare Industry Today
Healthcare organizations must enhance their cybersecurity arsenal. Doing so can help them prevent financial, compliance, and reputational damage. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/biggest-cyber-threats-healthcare-industry-today