Krebs on Security

AUGUST 7, 2024

That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. On June 26, Turner filed a pro se lawsuit against PNC Bank , alleging “unlawful discriminatory and tortuous action” after he was denied a wire transfer in the amount of $75,000.

Banking 321

Banking Cybercrime Accountability Retail 321

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking 123

Banking Malware Accountability Antivirus 123

Security Affairs

MARCH 28, 2025

Russian authorities arrested three suspects for developing Mamont, a newly identified Android banking trojan. Russian authorities arrested three suspects in Saratov for developing Mamont (Russian for mammoth), a recently discovered Android banking trojan. Mamont can also spread to contacts in the victims messenger app.

Banking 117

Banking Computers and Electronics Mobile Malware 117

Security Affairs

FEBRUARY 4, 2025

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Then the malware starts monitoring the active window.

Banking 119

Banking Malware Antivirus Cyber threats 119

Malwarebytes

JUNE 18, 2025

In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. It often starts, as with so many attacks, with a sponsored search result on Google. Often, this ad leads people to a fake website.

Banking 135

Banking Scams Accountability Media 135

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches 321

Data breaches Banking Cybercrime Advertising 321

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking 98

Banking Government Accountability Hacking 98

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. Multi-factor authentication is still highly recommended, but users should be aware that criminals can directly ask for verification codes while pretending to be the real bank.

Engineering 120

Engineering Phishing Banking Authentication 120

Security Boulevard

OCTOBER 31, 2024

The post Shedding AI Light on Bank Wire Transfer Fraud appeared first on Security Boulevard. Wire transfer fraud occurs when scammers convince a company to send money to a fraudulent account. While weeding out suspicious requests like this may seem rudimentary, it’s not.

Banking 109

Banking Accountability Social Engineering Security Awareness 109

SecureWorld News

JUNE 19, 2025

Bank Sepah, one of Iran's oldest and most strategically essential banks, suffered major outages across its ATMs and online services on June 17th. Harden financial and cloud infrastructure This conflict has already demonstrated the vulnerability of fintech, crypto platforms, and core banking systems.

Internet 97

Internet Internet Banking Media 97

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., providing frozen donor sperm and reproductive services, including egg and embryo storage.

Data breaches 110

Data breaches Banking Insurance Hacking 110

SecureList

MAY 28, 2025

Introduction Zanubis is a banking Trojan for Android that emerged in mid-2022. Since its inception, it has targeted banks and financial entities in Peru, before expanding its objectives to virtual cards and crypto wallets. The malware operated as an overlay-based banking Trojan that abused Android’s accessibility service.

Banking 101

Banking Malware Encryption Energy and Utilities 101

The Hacker News

JULY 8, 2025

Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google's official app marketplace.

Banking 94

Banking Malware Cybersecurity 94

Malwarebytes

MARCH 19, 2025

California Cryobank (CCB) is a sperm donation and cryopreservation firm and one of the US top sperm banks. The information potentially involved varies by customer but includes names and one or more of the following: Drivers license numbers Bank account and routing numbers.

Banking 87

Banking Data breaches Computers and Electronics Insurance 87

Penetration Testing

JULY 8, 2025

Anatsa, an advanced Android banking trojan, is targeting North America via Google Play. It steals credentials and conducts remote fraud through disguised apps and overlay attacks.

Banking 70

Banking Cybercrime Malware 70

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns.

Banking 90

Banking Phishing Malware Passwords 90

Penetration Testing

MAY 26, 2025

CYFIRMA researchers have uncovered a highly advanced Android remote access trojan (RAT), dubbed GhostSpy, capable of full-spectrum surveillance, The post GhostSpy: Advanced Android RAT Steals Banking Info & Bypasses Security appeared first on Daily CyberSecurity.

Banking 83

Banking Surveillance Cybersecurity Spyware 83

Schneier on Security

FEBRUARY 13, 2025

This approach, known as “separation of duties,” isn’t just bureaucratic red tape; it’s a fundamental security principle as old as banking itself. When your local bank processes a large transfer, it requires two different employees to verify the transaction.

Government 363

Government Artificial Intelligence Banking Software 363

Graham Cluley

JULY 1, 2025

French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients. Read more in my article on the Hot for Security blog.

Banking 87

Banking Mobile 87

Penetration Testing

JUNE 23, 2025

The post Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials appeared first on Daily CyberSecurity.

Banking 74

Banking Scams Cybersecurity Spyware 74

SecureWorld News

JUNE 4, 2025

These breachesaffecting Cartier, Main Street Bank, and The North Faceunderscore the rising threat landscape facing luxury and everyday consumer brands. While no operational impact was reported, the bank terminated its relationship with the vendor. The reputational damage could be immense."

Retail 68

Retail Banking Financial Services Social Engineering 68

Krebs on Security

OCTOBER 30, 2024

Having a freeze in place does nothing to prevent you from using existing lines of credit you may already have, such as credit cards, mortgage and bank accounts.

Healthcare 310

Healthcare Insurance Computers and Electronics Data breaches 310

Krebs on Security

MAY 22, 2025

Initially spotted in May 2018 by researchers at the email security firm Proofpoint , DanaBot is a malware-as-a-service platform that specializes in credential theft and banking fraud. Image: welivesecurity.com. Today, the U.S. It’s not unheard of for financially-oriented malicious software to be repurposed for espionage.

Malware 267

Malware Cybercrime Government Banking 267

The Hacker News

JUNE 30, 2025

The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66.

Banking 100

Banking Phishing 100

Krebs on Security

FEBRUARY 28, 2025

Madory said Kaspersky’s network appears to be hosting several financial institutions , including Russia’s largest — Alfa-Bank. Doug Madory , director of Internet analysis at Kentik , said routing records show the relationship between Prospero and Kaspersky started at the beginning of December 2024.

Malware 278

Malware Antivirus DDOS Software 278

Adam Shostack

JANUARY 2, 2025

Recently, I was opening a new bank account. The bank unexpectedly sent me a temporary password to sign up, and when I did, the temporary password had expired. But then, after I went to reset the password, the bank emailed me a one time code. Only enter it on the bank mobile app or website. Good for them! Less frustration.

Banking 130

Banking Passwords Password Management Authentication 130

The Hacker News

JUNE 23, 2025

Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight.

DDOS 113

DDOS Banking Risk 113

The Last Watchdog

JANUARY 15, 2025

Czech cybersecurity startup Wultra has raised 3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its post-quantum authentication technology, safeguarding banks and fintech against the coming wave of quantum threats. Financial institutions must act now to protect their infrastructure.

Banking 130

Banking Authentication Technology Marketing 130

Trend Micro

OCTOBER 13, 2024

This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses. Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara.

Malware 137

Malware Security Defenses Phishing Banking 137

Troy Hunt

APRIL 28, 2024

Remember the old "bank grade security" adage? This week, Commbank is telling people to use a password manager but just not for their bank password, and ANZ bank is forcing people to rotate their passwords once a year because, uh, hackers?

Banking 293

Banking Passwords Password Management Data breaches 293

Zero Day

MAY 4, 2025

If you're into gadgets that are both practical and budget-friendly, these picks deliver great value and make perfect gifts without breaking the bank.

Banking 116

Banking 116

Schneier on Security

JANUARY 9, 2024

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password (..)

Malware 322

Malware Banking Authentication Passwords 322

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime 132

Cybercrime Cryptocurrency Banking Accountability 132