Tag: finance
-
Adam Khan on the Unique Security Challenges in Education IT
Adam Khan, vice president of global security operations for Barracuda Networks, explains what makes securing schools, such as universities, so much more difficult than the average enterprise IT environment. Unlike traditional enterprises, schools operate on limited budgets, often relying on outdated infrastructure while managing vast amounts of sensitive student, financial, and research data”, making them…
-
World Economic Forum Annual Meeting 2025: Takeaways, reflections, and learnings for the future
Tags: attack, best-practice, ceo, cyber, cyberattack, cybercrime, cybersecurity, finance, fortinet, group, intelligence, international, law, lessons-learned, mitigation, open-source, organized, risk, strategy, tactics, technology, threatIncreasingly sophisticated threat actors in the evolving cybersecurity landscape In a world where cybercriminals often operate with a level of efficiency mirroring that of Fortune 500 companies, it is essential that we look to ways we can better collaborate to counter them. Unfortunately, there is still a lot of room for improvement; in 2023, 87%…
-
Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks
Gcore’s latest DDoS Radar report analyzes attack data from Q3Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained the most-targeted industry. This…
-
British techies to advise on ‘devastating’ UK global crypto power grab
A hitherto unknown British organisation which even the government may have forgotten about is about to be drawn into a global technical and financial battle, facing threats from Apple to pull out of the UK First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619028/Apple-British-techies-to-advise-on-devastating-UK-global-crypto-power-grab
-
FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials
Tags: banking, credentials, credit-card, cyber, cybersecurity, finance, india, login, malware, mobile, phishing, threatA new cybersecurity threat has emerged, targeting customers of a prominent Indian bank through fraudulent mobile applications. Dubbed >>FinStealer,
-
Researchers Found North Korean Hackers Advanced Tactics, techniques, and procedures
Recent research has highlighted the increasingly sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean state-sponsored hackers. These cyber actors have demonstrated a strategic focus on espionage, financial theft, and disruption, targeting a broad range of sectors globally. Their operations align with the regime’s geopolitical objectives, including funding nuclear programs, gathering intelligence, and undermining…
-
Top 5 ways attackers use generative AI to exploit your systems
Tags: access, ai, attack, authentication, awareness, banking, captcha, chatgpt, china, control, cyber, cybercrime, cybersecurity, defense, detection, exploit, extortion, finance, flaw, fraud, group, hacker, intelligence, LLM, malicious, malware, network, phishing, ransomware, resilience, service, spam, tactics, theft, threat, tool, vulnerability, zero-dayFacilitating malware development: Artificial intelligence can also be used to generate more sophisticated or at least less labour-intensive malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s…
-
Arvest Bank CISO on building a strong cybersecurity culture in banking
In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/11/mike-calvi-arvest-bank-banking-cybersecurity/
-
CIO Cloud Summit: Best Practices von Anwendern für Anwender
Tags: ai, best-practice, business, cio, cloud, computing, finance, germany, group, infrastructure, sap, service, strategy, technology, toolsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?quality=50&strip=all 1682w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Erfahren Sie auf dem CIO Cloud Summit, wie Sie die nächste Cloud-Welle am besten reiten. IDC FoundryFlexibilität, Agilität und Skalierbarkeit sind die entscheidenden Parameter für das Gelingen der Transformation von…
-
Fortifying cyber security: What does secure look like in 2025?
Tags: access, ai, attack, authentication, business, compliance, cyber, cybercrime, cybersecurity, deep-fake, exploit, finance, Hardware, intelligence, least-privilege, malware, mfa, nis-2, phishing, regulation, resilience, risk, risk-management, scam, software, threat, training, update, vulnerability, zero-trustThe evolving cybersecurity landscape has increased security pressures for IT leaders. With the World Economic Forum estimating, the global cost of cybercrime is projected to reach $10.5trillion annually in 2025, the situation is only escalating[1]. The rise of new technologies, such as Artificial Intelligence (AI), and the complexities introduced by flexible working have made IT…
-
Europol Warns Financial Sector of “Imminent” Quantum Threat
Europol has urged the financial sector to prioritize quantum-safe cryptography First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/europol-warns-financial-sector/
-
CISOs: Stop trying to do the lawyer’s job
Tags: breach, business, ciso, compliance, cybersecurity, data, email, finance, group, guide, incident response, international, jobs, law, privacy, RedTeam, risk, risk-management, security-incident, service, skills, strategy, technology, training, updateThere’s a joke that’s been floating around boardrooms for years: “What’s the difference between lawyers and engineers? Lawyers don’t think they’re engineers.”This light-hearted jab highlights a fundamental difference between the two professions. Engineers, and by extension CISOs, focus on building and fixing things, learning a wide array of skills, sometimes sticking their hands into technologies…
-
India’s banking on the bank.in domain cleaning up its financial services sector
With over 2,000 banks in operation, a domain only they can access has clear potential to make life harder for fraudsters First seen on theregister.com Jump to article: www.theregister.com/2025/02/10/india_bank_dotin_plan/
-
India wants all banking to happen at dedicated bank.in domain
With over 2,000 banks in operation, the potential to make life harder for fraudsters is obvious First seen on theregister.com Jump to article: www.theregister.com/2025/02/10/india_bank_dotin_plan/
-
DEF CON 32 Exploiting Bluetooth From Your Car To The Bank Account
Authors/Presenters: Vladyslav Zubkov, Martin Str Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/def-con-32-exploiting-bluetooth-from-your-car-to-the-bank-account/
-
Exciting Advances in Privileged Access Management
Why should we be excited about Privileged Access Management? Have you ever pondered the gravity of the implications of not managing Non-Human Identities (NHIs) and their Secrets in your company’s cybersecurity strategy? The rapid digitization of industries such as healthcare, financial services, travel, DevOps, and SOC teams makes securing machine identities an area of utmost……
-
The SolarWinds $4.4 billion acquisition gives CISOs what they least want: Uncertainty
Tags: attack, breach, business, cisa, ciso, cyber, cybersecurity, finance, government, group, risk, risk-management, service, software, strategy, supply-chain, tool, updateWhen SolarWinds on Friday announced a $4.4 billion cash deal for it to be acquired by private equity (PE) firm Turn/River Capital, it delivered the last thing that nervous enterprise CISOs want: Uncertainty, to be followed by more uncertainty.”Whenever a security company gets acquired by private equity, you never want to throw a party,” said…
-
Student group sues Education Department over reported DOGE access to financial aid databases
The University of California Student Association, which serves all of the system’s campuses statewide, is suing the Department of Education over reported access by Elon Musk’s DOGE workers to federal student aid databases. First seen on therecord.media Jump to article: therecord.media/university-of-california-students-sue-education-department-doge
-
Modern Bank Heists 2025: Revenge of the Zero Days
Tom Kellermann’s Annual Report on Key Threats to Financial Sector. Zero days. Supply chain attacks. APIs and cloud environments as growing threat vectors. These are among the topics discussed in this seventh annual Modern Bank Heists report, and author Tom Kellermann discusses their impact on financial institutions – and which defensive gaps need to be…
-
Yahoo Finance: U.S. Lawmakers Push to Ban China’s DeepSeek AI Over Security Risks Feroot Security Analysis
Washington, D.C. U.S. lawmakers announced a bill to ban DeepSeek, the Chinese AI chatbot app, from government devices following a security analysis by Feroot Security that revealed alarming privacy and national security risks. The research suggests that DeepSeek collects user data, including digital fingerprints, login credentials, and behavioral information, potentially sending it to servers…The post…
-
Third-Party Risk Management Failures Expose UK Finance Sector
Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/third-party-risk-failures-uk/
-
India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud
India’s central bank, the Reserve Bank of India (RBI), said it’s introducing an exclusive “bank.in” internet domain for banks in the country to combat digital financial fraud.”This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure financial services, thereby enhancing trust in digital banking and payment services,” the RBI…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
India to launch new domain name for banks to fight digital fraud
India’s central bank is introducing an exclusive >>.bank.in
-
The Cyber-Driven Domino Effect: How Financial and Security Crises Bankrupt Businesses
First seen on scworld.com Jump to article: www.scworld.com/perspective/the-cyber-driven-domino-effect-how-financial-and-security-crises-bankrupt-businesses
-
Abyss Locker Ransomware Attacking Critical Network Devices including ESXi servers
The Abyss Locker ransomware, a relatively new but highly disruptive cyber threat, has been actively targeting critical network devices, including VMware ESXi servers, since its emergence in 2023. This ransomware group employs sophisticated tactics to infiltrate corporate networks, exfiltrate sensitive data, and encrypt systems for financial extortion. Its focus on virtualized environments has made it…
-
Basket of Bank Trojans Defraud Citizens of East India
Cheap banking scams are often easier to pull off in a country with older devices, fewer regulations, and experienced fraudsters. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/bank-trojans-defraud-citizens-east-india
-
Ukraine’s largest bank PrivatBank Targeted with SmokeLoader malware
UAC-0006, a financially motivated threat actor, targets PrivatBank customers with advanced phishing attacks. CloudSEK’s research reveals malicious emails… First seen on hackread.com Jump to article: hackread.com/ukraine-largest-bank-privatbank-smokeloader-malware/