Tag: finance
-
Welchen Cybergefahren der europäische Handelssektor gegenübersteht
Die digitale Transformation macht den Einzelhandel zum begehrten Angriffsziel für Cyberkriminelle. Europa steht im Visier von Hackern und staatlichen Akteuren, die ihre Attacken oft mit raffinierten Phishing-Methoden einleiten. Besonders beliebt: täuschend echt gefälschte Webseiten bekannter Technologiemarken, PayPal, Facebook, Nike, Adidas und Luxuslabels. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/welchen-cybergefahren-der-europaeische-handelssektor-gegenuebersteht/
-
New Banking Attacking Users of Indian banks to Steal Aadhar, PAN, ATM Credit Card PINs
A sophisticated malware campaign, dubbed >>FatBoyPanel,
-
21% of CISOs pressured to not report compliance issues
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, trainingCISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability.To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk.The same…
-
Thailand to Cut Off Power to Scam Centers – Will it Work?
Officials Hope to Curb Global Fraud by Targeting Border Operations in Myanmar In a drastic move to curb fraud along the Myanmar border, Thailand announced plans to cut power and telecommunications in border areas of Myanmar linked to scam operations. The move is aimed at crippling criminal syndicates running notorious call centers that orchestrate scams,…
-
Mobile Malware Targeting Indian Banks Exposes 50,000 Users
Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mobile-malware-indian-banks/
-
Canadian Charged in $65M KyberSwap, Indexed Finance DeFi Hack
Canadian man charged in $65 million DeFi hack. Exploited KyberSwap, Indexed Finance smart contracts, laundered funds, and attempted extortion. Faces 20 years. First seen on hackread.com Jump to article: hackread.com/canadian-charged-kyberswap-indexed-finance-defi-hack/
-
Destructive Attacks on Financial Institutions Surge
Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/destructive-attacks-banks-surge-13/
-
Why CRQ Methodologies Should Be Usable, Defensible, and Informative
In a thoroughly digital world, cyber incidents can have a huge financial impact, with the average cost of a data breach skyrocketing to $4.88 million. Still, too many businesses struggle Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/why-crq-methodologies-should-be-usable-defensible-and-informative/
-
More destructive cyberattacks target financial institutions
Financial institutions will continue to be the ultimate targets for criminals and threat actors, as a successful attack offers a significant payoff, according to Contrast … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/financial-institutions-cybersecurity-incidents/
-
Union groups sue Treasury over giving DOGE access to sensitive data
Union groups that represent 7.2 million people filed a lawsuit Monday against the Treasury Department for handing over information including Social Security numbers, tax return data and bank account details to Elon Musk’s Department of Government Efficiency (DOGE). First seen on therecord.media Jump to article: therecord.media/union-groups-sue-treasury-over-giving-doge-access-to-data
-
Reimagining KYC to Meet Regulatory Scrutiny
FIs Expected to Move from Periodic Reviews to Perpetual KYC. Banks are struggling to keep up with evolving KYC expectations. Despite efforts to modernize, outdated processes continue to leave compliance gaps, leading to increased regulatory action. Penalties for financial institutions surged with KYC-related fines more than doubling to $51 million. First seen on govinfosecurity.com Jump…
-
Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites
Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous…
-
Why digital resilience is critical to banks
Going beyond the traditional “Prevent, Detect, and Respond” framework and taking a proactive approach First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/why_digital_resilience_is_critical/
-
Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities
A Canadian man has been indicted in federal court in New York for exploiting vulnerabilities in two decentralized finance (DeFi) protocols to fraudulently obtain about $65 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/04/man-charged-with-stealing-65-million-by-exploting-defi-protocols-vulnerabilities/
-
7 tips for improving cybersecurity ROI
Tags: advisory, ai, attack, business, ciso, compliance, control, corporate, cyber, cybersecurity, data, defense, detection, exploit, finance, gartner, group, incident response, infrastructure, intelligence, metric, monitoring, network, privacy, resilience, risk, risk-assessment, risk-management, service, siem, software, strategy, technology, threat, tool, vulnerability, wafWhen it comes to cybersecurity investments, smart money is directed toward initiatives that deliver the greatest protection at the lowest possible cost. But what appears to be a straightforward calculation can often be anything but.CISOs perennially face challenges securing adequate funding to safeguard the enterprise, placing them often in difficult positions attempting to stretch resources…
-
ValleyRAT Attacking Org’s Accounting Department with New Delivery Techniques
A concerning uptick in cyberattacks has emerged with ValleyRAT, a Remote Access Trojan (RAT) linked to the Silver Fox advanced persistent threat (APT) group. The malware is now employing innovative delivery techniques to infiltrate organizational networks, targeting finance and accounting departments. Recent reports from Morphisec Threat Labs indicate that the attackers have refined their tools…
-
Canadian National Charged with Stealing $65 Million in Crypto
A Canadian man has been charged with exploiting decentralized finance (DeFi) protocols to steal approximately $65 million from unsuspecting investors. A five-count criminal indictment, unsealed today in a federal court in New York, accuses 22-year-old Andean Medjedovic of targeting vulnerabilities in automated smart contracts used by two prominent DeFi platforms: KyberSwap and Indexed Finance. Alleged…
-
8 steps to secure GenAI integration in financial services
GenAI offers financial services institutions enormous opportunities, particularly in unstructured dataset analysis and management, but may also increase security risks, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/04/financial-institutions-genai-risks/
-
Canadian Man Stole $65 Million in Crypto in Two Platform Hacks, DOJ Says
A 22-year-old Canadian man is indicted by the U.S. DOJ for using borrowed cryptocurrency and exploiting vulnerabilities on the KyberSwap and Indexed Finance DeFi platforms to steal $65 million in digital assets in two schemes between 2021 and 2023. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/canadian-man-stole-65-million-in-crypto-in-two-platform-hacks-doj-says/
-
Canadian charged with stealing $65 million using DeFI crypto exploits
The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/canadian-charged-with-stealing-65-million-using-defi-crypto-exploits/
-
The Stumbling Blocks of Open Banking
UK Banks Face Adoption Challenges and Cybersecurity Concerns. Despite its promise of innovation and cost efficiency, banks in the United Kingdom continue to struggle with the adoption of open banking. Consumer awareness, security concerns and a lack of incentives remain hurdles as stakeholders push for broader integration. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/stumbling-blocks-open-banking-a-27433
-
DORA Compliance Must be a Top Priority for US Financial Institutions
In an era where digital resilience determines market survival, the European Union’s Digital Operational Resilience Act (DORA) has emerged as a global benchmark for financial sector cybersecurity. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/dora-compliance-must-be-a-top-priority-for-us-financial-institutions/
-
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote.”Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials,” Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week.The First seen…
-
The CISO’s role in advancing innovation in cybersecurity
Tags: access, advisory, ai, attack, best-practice, business, ceo, ciso, conference, cyber, cybersecurity, finance, network, phone, risk, startup, strategy, technology, threat, toolCybersecurity leaders have an advantage when it comes to innovation given their front seat facing new and old threats. That is why many CISOs are playing an active role in shaping emerging solutions, which also gives them a clear understanding of where current solutions fall short.”CISOs can play a part in supporting innovation by shaping…
-
A ransomware attack forced New York Blood Center to reschedule appointments
The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments. The New York Blood Center suffered a ransomware attack on Sunday, causing appointment rescheduling. The New York Blood Center (NYBC) is a community, nonprofit blood bank based in New York City. The community was established in 1964…
-
Change Your Password Day: Keeper Security Highlights Urgent Need for Strong Credential Management
In recognition of Change Your Password Day, Keeper Security is urging organisations to prioritise securing credentials to combat the escalating threat of cyber attacks. Without proper safeguards, compromised credentials can lead to devastating breaches, financial loss and reputational damage. Privileged accounts, often used by administrators or automated systems to access critical infrastructure, are prime targets for…
-
Devil-Traff: A New Bulk SMS Platform Driving Phishing Campaigns
Employees in most organizations receive countless communications daily”, emails, Slack messages, or ticket updates, for example. Hidden among these routine interactions are phishing scams designed to exploit trust and compromise security. Imagine an employee receiving a text that appears to be from their bank: “Suspicious activity detected on your account. Click here to secure your…
-
Why API Security is Essential for the Hospitality Sector: Safeguarding Your Guests and Your Rewards
Trust is the cornerstone of the hospitality industry. Guests rely on you to safeguard their personal data, payment information, and loyalty rewards. However, in today’s digital landscape, this trust faces constant risks. APIs, which serve as the unseen connections among various systems and applications, are particularly vulnerable to cyber threats. A single flaw can compromise…