SecureWorld News

JUNE 4, 2025

In a matter of days, three major cybersecurity incidents have hit the retail and financial services sectors, drawing renewed attention to supply chain vulnerabilities, credential-based attacks, and the increasing value of non-financial customer data. That's why MFA adoption remains low in many cases."

Retail

SecureWorld News

JULY 17, 2025

The result has been an alarming surge in fraud losses and a fundamental challenge to the trust-based interactions that financial services rely on. Customer trust and expectations: Customers generally trust that when they're speaking with a bank representative or receiving an email from their financial advisor, it's legitimate.

Banking

NetSpi Executives

JUNE 25, 2025

This extensive hands-on experience, spanning financial services, healthcare, government, and other sectors, provides us with unique insight into the current cybersecurity landscape facing enterprise mainframe environments. IBM recommends configuring GMTRAN to DISCONNECT rather than the default EXIT setting.

Penetration Testing

SecureList

MAY 28, 2025

This targeting strategy reflected a focused campaign aimed at compromising users of financial services through credential theft. It copied both the name and icon of the legitimate app, making it appear authentic to unsuspecting users. The code was fully obfuscated, making manual analysis and detection more difficult.

Banking

Responsible Cyber

NOVEMBER 23, 2024

Financial services have also faced significant incidents, with many institutions relying heavily on third-party technology partners to deliver essential services. Many vendors failed to implement robust security protocols, such as advanced encryption techniques, multi-factor authentication, and continuous monitoring.

Risk

Security Boulevard

MARCH 14, 2025

ISO/IEC 27001 & ISO/IEC 27017: These ISO standards offer vital guidance for securing cloud services, particularly the APIs that support them. and strong authentication mechanisms like OAuth 2.0 Secure authentication mechanisms must be implemented to maintain the integrity and security of financial APIs.

Authentication

Thales Cloud Protection & Licensing

JANUARY 16, 2025

However, as important as PCI may be, United States financial services organizations operate in one of the worlds most stringent and complex compliance landscapes. Understanding the US FinServ Compliance Landscape The US financial services industry is subject to a vast number of laws and regulations.

Financial Services

Centraleyes

MARCH 13, 2025

If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation. Multi-factor authentication (MFA) and role-based access controls are your best friends here.

Cybersecurity

Thales Cloud Protection & Licensing

APRIL 22, 2025

The financial services sector was the most targeted industry for account takeover (ATO) attacks, accounting for 22% of all incidents, followed by Telecoms and ISPs with 18%, and Computing and IT with 17%. Block known proxy services to stop bots masking their activity.

Digital transformation

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

Individuals risk identity theft, financial loss, and privacy violations. Businesses, particularly those in financial services, healthcare, and retail sectors, suffer from operational disruptions and financial penalties.

DDOS

Security Boulevard

APRIL 16, 2025

A full breakdown of the patches for this quarter can be seen in the following table, which also includes a count of vulnerabilities that can be exploited over a network without authentication.

Financial Services

Zero Day

JUNE 22, 2025

  Also: 4 ways to secure your remote work setup If your payment card details, bank accounts, or other digital financial services have been compromised, call the provider immediately (or freeze your cards using the mobile app, if your app has that feature). Many vendors are now exploring passwordless authentication.

Passwords

Thales Cloud Protection & Licensing

JUNE 26, 2025

This is particularly crucial for sectors such as financial services, government, and healthcare. The client calls the double key encryption service, going through a second round of authentication and authorization. This ensures that the content key and plaintext content are never available to Microsoft.

Risk

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. In 2024, there were 14 data breaches involving 1 million or more healthcare records.

Data breaches

Webroot

OCTOBER 31, 2024

infrastructure sectors, including healthcare, government services, financial services, and critical manufacturing. Enable Multi-Factor Authentication (MFA): Activate MFA on all accounts that offer it, preferably using authenticator apps or hardware keys.

Malware

Malwarebytes

FEBRUARY 20, 2025

With the capture of usernames and passwords from web browsers, attackers can access your accounts, including email, social media, and financial services. They may even gather enough personal data to be used for identity theft or sold on the dark web.

Identity Theft

Zero Day

JUNE 20, 2025

  Also: 4 ways to secure your remote work setup If your payment card details, bank accounts, or other digital financial services have been compromised, call the provider immediately (or freeze your cards using the mobile app, if your app has that feature). Many vendors are now exploring passwordless authentication.

Passwords

NetSpi Executives

MARCH 11, 2025

Amateur attackers are showing how simple it is to gain access to an organizations private network or cloud solutions through remote services. As organizations pay closer attention to their remote service authentication and authorization risks, attackers are turning to the next weak point, the entire external surface.

Risk

Thales Cloud Protection & Licensing

NOVEMBER 18, 2024

Identity and Access Management (IAM) The 2024 Thales Data Threat Report (DTR) Financial Services Edition revealed that only 59% of financial services organizations cite achieving security consistency across workforce and non-workforce identities. The same can become a reality for private businesses.

Financial Services

eSecurity Planet

MAY 8, 2025

This pattern of targeting lines up with an alert from Japans Financial Services Agency , which recently warned of an increase in phishing aimed at financial institutions. Organizations should also educate employees about phishing scams and implement multifactor authentication (MFA) across services.

Phishing

Zero Day

JULY 17, 2025

  And yet, counterintuitively, AI is also being deployed by financial services companies to prevent fraud. Even more (90%) agreed that unless their use of AI for fraud prevention increases in the coming years, their "financial losses will likely increase."

Artificial Intelligence

CyberSecurity Insiders

JULY 20, 2021

While instant card issuance has become a common service for many banks, digital issuance, where banks can issue card credentials directly to a customer’s mobile wallet, looms as the next development to revolutionise the way consumers interact with their financial services provider. . Increased level of security. million. .

Financial Services

The Last Watchdog

DECEMBER 6, 2022

Much more effective authentication is needed to help protect our digital environment – and make user sessions smoother and much more secure. Underscoring this trend, Uber was recently hacked — through its authentication system. The best possible answer is coming from biometrics-based passwordless, continuous authentication.

Authentication

SecureWorld News

NOVEMBER 14, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) took a significant step toward strengthening cybersecurity defenses across the financial sector by finalizing amendments to Part 500 of its cybersecurity regulations.

Financial Services

Security Boulevard

SEPTEMBER 3, 2022

The financial services industry – from retail banking to insurance – is facing challenges from multiple different channels: from competitive pressure and regulation to the evolving security landscape. The post Authentication in the Finance Industry: Now and Next appeared first on Security Boulevard.

Authentication

Thales Cloud Protection & Licensing

NOVEMBER 13, 2023

Defending Financial Services Against Fraud in a Shifting Cyber Landscape sparsh Tue, 11/14/2023 - 05:05 As we approach International Fraud Awareness Week during 12-18 November 2023, taking stock of the evolving threat landscape and the vulnerabilities that financial services organizations face is crucial.

Financial Services

Krebs on Security

MAY 19, 2021

New research shows how fraudsters can abuse wireless provider websites to identify available, recycled mobile numbers that allow password resets at a range of email providers and financial services online. While you’re at it, consider removing your phone number as a primary or secondary authentication mechanism wherever possible.

Mobile

Krebs on Security

JULY 23, 2020

The documents were available without authentication to anyone with a Web browser. According to a filing (PDF) by the New York State Department of Financial Services (DFS), the weakness that exposed the documents was first introduced during an application software update in May 2014 and went undetected for years.

Insurance

Krebs on Security

MAY 31, 2019

No authentication was needed to access the digitized records. On May 29, The New York Times reported that the inquiry by New York’s Department of Financial Services is likely to be followed by other investigations from regulators and law enforcement.

Financial Services

The Last Watchdog

SEPTEMBER 24, 2024

The NPD breach serves as a stark reminder of the critical importance of data security in today’s digital world, particularly in regulated industries such as financial services and healthcare.

Authentication

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. OTP Agency took itself offline within hours of that story. . The 2fa SMS Buster bot on Telegram. Image: Intel 471.

Passwords

Cisco Security

NOVEMBER 2, 2022

Going beyond the hype, passwordless authentication is now a reality. Cisco Duo’s passwordless authentication is now generally available across all Duo Editions. “ Cisco Duo simplifies the passwordless journey for organizations that want to implement phishing-resistant authentication and adopt a zero trust security strategy.

Authentication

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. At this point, multi-factor authentication (MFA) has permeated most applications, becoming a minimum safeguard against attacks. Jump to: What is multi-factor authentication? MFA can be hacked.

Authentication

eSecurity Planet

SEPTEMBER 30, 2021

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. By using the services, cybercriminals can gain access to victims’ accounts to steal money.

Authentication

Krebs on Security

NOVEMBER 19, 2021

In reality, the fraudster initiates a transaction — such as the “forgot password” feature on the financial institution’s site — which is what generates the authentication passcode delivered to the member. To combat this scam Zelle introduced out-of-band authentication with transaction details.

Scams

Security Boulevard

JUNE 28, 2022

IoT and Machine Identity Management in Financial Services. How is IoT changing the financial sector? IoT has already positively impacted the financial sector and will only continue to in the future. IoT has also transformed the financial services sector in a variety of ways: Real-time data. brooke.crothers.

Financial Services

Krebs on Security

APRIL 28, 2020

As it turned out, calling the phone number on the back of the credit card from the phone number linked with the card provided the most recent transactions without providing any form of authentication.” “I was appalled that Citi would do that. .

Scams