Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking 121

Banking Malware Accountability Authentication 121

Krebs on Security

NOVEMBER 10, 2021

Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

Banking 363

Banking Phishing Scams Accountability 363

Krebs on Security

AUGUST 7, 2024

That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. On June 26, Turner filed a pro se lawsuit against PNC Bank , alleging “unlawful discriminatory and tortuous action” after he was denied a wire transfer in the amount of $75,000.

Banking 290

Banking Cybercrime Accountability Retail 290

Security Affairs

FEBRUARY 4, 2025

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Then the malware starts monitoring the active window.

Banking 116

Banking Malware Antivirus Cyber threats 116

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. Multi-factor authentication is still highly recommended, but users should be aware that criminals can directly ask for verification codes while pretending to be the real bank.

Engineering 128

Engineering Phishing Banking Authentication 128

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking 98

Banking Government Accountability Hacking 98

Security Boulevard

OCTOBER 31, 2024

The post Shedding AI Light on Bank Wire Transfer Fraud appeared first on Security Boulevard. Wire transfer fraud occurs when scammers convince a company to send money to a fraudulent account. While weeding out suspicious requests like this may seem rudimentary, it’s not.

Banking 110

Banking Accountability Social Engineering Engineering 110

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches 293

Data breaches Banking Cybercrime Advertising 293

Malwarebytes

MARCH 19, 2025

California Cryobank (CCB) is a sperm donation and cryopreservation firm and one of the US top sperm banks. The information potentially involved varies by customer but includes names and one or more of the following: Drivers license numbers Bank account and routing numbers.

Banking 94

Banking Data breaches Computers and Electronics Passwords 94

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., providing frozen donor sperm and reproductive services, including egg and embryo storage.

Data breaches 105

Data breaches Banking Insurance Hacking 105

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns.

Banking 83

Banking Phishing Malware Passwords 83

Security Affairs

MARCH 29, 2025

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. ” ThreatFabric concludes.

Banking 67

Banking Mobile Identity Theft Malware 67

Tech Republic Security

SEPTEMBER 6, 2024

Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.

Banking 180

Banking Risk Insurance Financial Services 180

Lohrman on Security

DECEMBER 12, 2021

financial institutions are leaders in global cyber defense. Recently approved rules will mandate the reporting of security incidents next year. We explore the topic with cybersecurity expert Michael McLaughlin.

Banking 362

Banking Cybersecurity 362

Schneier on Security

FEBRUARY 13, 2025

This approach, known as “separation of duties,” isn’t just bureaucratic red tape; it’s a fundamental security principle as old as banking itself. When your local bank processes a large transfer, it requires two different employees to verify the transaction.

Government 363

Government Artificial Intelligence Banking Software 363

Schneier on Security

SEPTEMBER 20, 2022

And bank cards can be stopped. Once they have the phone and the card, they register the card on the relevant bank’s app on their own phone or computer. That verification passcode is sent by the bank to the stolen phone. Once accepted, they have control of the bank account.

Banking 340

Banking Accountability Passwords Authentication 340

Krebs on Security

OCTOBER 30, 2024

Having a freeze in place does nothing to prevent you from using existing lines of credit you may already have, such as credit cards, mortgage and bank accounts.

Healthcare 294

Healthcare Insurance Computers and Electronics Data breaches 294

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. “Members don’t have to request to use Zelle.

Scams 362

Scams Banking Passwords Authentication 362

Security Boulevard

APRIL 15, 2025

The post ICICI Bank Ransomware Breach: A Stark Reminder of Supply Chain Risk and the Need for Real-Time Cyber Vigilance appeared first on Security Boulevard.

Banking 59

Banking Risk Ransomware 59

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. Bank customers. Bank customers.

Malware 329

Malware Banking Phishing DDOS 329

Adam Shostack

JANUARY 2, 2025

Recently, I was opening a new bank account. The bank unexpectedly sent me a temporary password to sign up, and when I did, the temporary password had expired. But then, after I went to reset the password, the bank emailed me a one time code. Only enter it on the bank mobile app or website. Good for them! Less frustration.

Banking 130

Banking Passwords Password Management Authentication 130

Centraleyes

MARCH 27, 2025

central banking system. The Office of the Comptroller of the Currency (OCC) – Regulates and supervises national banks and federal savings associations. FFIEC 031 applies to banks with both domestic and foreign offices, while FFIEC 041 applies to banks with domestic branches only.

Banking 52

Banking Insurance Consumer Protection Risk 52

Security Boulevard

MARCH 27, 2025

This comprehensive guide will explore the councils origins, structure, responsibilities, [] The post The FFIECs Origins and Purpose for Banking Industry appeared first on Centraleyes. The post The FFIECs Origins and Purpose for Banking Industry appeared first on Security Boulevard.

Banking 52

Banking 52

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website.

Banking 340

Banking Government Information Security Authentication 340

Schneier on Security

MARCH 1, 2023

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.

Authentication 298

Authentication Banking Artificial Intelligence 298

The Last Watchdog

JANUARY 15, 2025

Czech cybersecurity startup Wultra has raised 3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its post-quantum authentication technology, safeguarding banks and fintech against the coming wave of quantum threats. Financial institutions must act now to protect their infrastructure.

Banking 130

Banking Authentication Technology Marketing 130

Security Boulevard

FEBRUARY 14, 2025

Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. In addition to adopting post-quantum cryptography , banks and other financial institutions should take this opportunity to boost their cryptography management practices, according to Europol.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Troy Hunt

APRIL 28, 2024

Remember the old "bank grade security" adage? This week, Commbank is telling people to use a password manager but just not for their bank password, and ANZ bank is forcing people to rotate their passwords once a year because, uh, hackers?

Banking 270

Banking Passwords Password Management Data breaches 270

Security Boulevard

JANUARY 24, 2025

Plus, the EUs DORA cyber rules for banks go into effect. DORA establishes strict cybersecurity requirements for financial firms including banks , insurance companies and investment firms, as well as for third-parties that provide information and communications technology (ICT) products and services to financial sector organizations.

Banking 69

Banking Cybersecurity Artificial Intelligence Ransomware 69

Schneier on Security

JANUARY 9, 2024

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password (..)

Malware 326

Malware Banking Passwords Authentication 326

Krebs on Security

FEBRUARY 28, 2025

Madory said Kaspersky’s network appears to be hosting several financial institutions , including Russia’s largest — Alfa-Bank. Doug Madory , director of Internet analysis at Kentik , said routing records show the relationship between Prospero and Kaspersky started at the beginning of December 2024.

Malware 242

Malware Antivirus Software DDOS 242

Lohrman on Security

JULY 28, 2024

On July 19, 2024, a CrowdStrike software update unleashed mayhem on computer systems at airports, banks and more from Australia to Atlanta. What happened, and what lessons can we take away?

Banking 300

Banking Software 300

The Hacker News

MARCH 29, 2025

Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that's primarily designed to target users in Spain and Turkey.

Banking 113

Banking Malware Cybersecurity 113