Security Affairs

NOVEMBER 20, 2021

banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36 hours. banking regulators this week approved a rule that obliges banks to report any major cybersecurity incidents to the government within 36 hours of discovery. Pierluigi Paganini.

Banking 120

Banking Cybersecurity Financial Services Insurance 120

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. ” reads the report published by Check Point.

Banking 118

Banking Phishing Malware Hacking 118

Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. ICICI Bank, an Indian multinational valued at more than $76 billion, has more than 5,000 branches across India and is present in at least another 15 countries worldwide.

Banking 96

Banking Identity Theft Accountability Phishing 96

Security Affairs

NOVEMBER 10, 2023

The Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack that disrupted trades in the US Treasury market. The Industrial and Commercial Bank of China (ICBC) announced it has contained a ransomware attack that disrupted the U.S. ” reported the Financial Times. ” reported the Financial Times.

Banking 98

Banking Ransomware Marketing Financial Services 98

Security Affairs

MAY 12, 2021

Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in Europe. The researchers detected on 29th March 2021, for the first time the inclusion of injections against Italian banks, and in May the malware targeted Belgium and Netherlands banks.

Banking 108

Banking Malware Media Authentication 108

Security Affairs

MAY 17, 2021

Bizarro is a new sophisticated Brazilian banking trojan that is targeting customers of tens of banks in Europe and South America. Researchers from Kaspersky have spotted a new sophisticated Brazilian banking trojan dubbed Bizarro that is targeting customers of tens of 70 banks in Europe and South America.

Banking 102

Banking Social Engineering Malware Engineering 102

Security Affairs

JUNE 5, 2023

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha, it has more than 300 offices across Spain and provides banking services to more than half a million clients.

Banking 84

Banking Ransomware Data breaches Hacking 84

Security Affairs

FEBRUARY 21, 2022

Xenomorph Android trojan has been observed distributed via the official Google Play Store targeting 56 European banks. Researchers from ThreatFabric have spotted a new Android banking trojan, dubbed Xenomorph , distributed via the official Google Play Store that has over 50,000 installations. ” concludes the report.

Banking 123

Banking Malware Marketing Cryptocurrency 123

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. Interestingly, we observed that ERMAC 2.0 “ERMAC 2.0

Banking 142

Banking Malware Cybercrime Phishing 142

Security Affairs

JULY 24, 2023

Checkmark researchers have uncovered the first known targeted OSS supply chain attacks against the banking sector. In the first half of 2023, Checkmarx researchers detected multiple open-source software supply chain attacks aimed at the banking sector. ” reads the report published by Checkmarx. ” continues the report.

Banking 87

Banking Hacking Malware Software 87

Security Affairs

MARCH 25, 2022

Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia. This week the Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. SecurityAffairs – hacking, Central Bank of Russia). Pierluigi Paganini.

Banking 132

Banking Government Hacking Authentication 132

Security Affairs

MARCH 24, 2022

The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. SecurityAffairs – hacking, Bank of Russia).

Banking 118

Banking Hacking Government Cyber Attacks 118

Security Affairs

FEBRUARY 1, 2022

A massive social engineering campaign targeting banks has been delivered in the last two years in several countries. The spear-phishing campaigns try to lure vicitms with fake emails that impersonate the banking institutions. Some of them only collect raw data, including the homebanking credentials, SMS tokens and bank codes.

Social Engineering 95

Social Engineering Banking Engineering Phishing 95

Security Affairs

SEPTEMBER 5, 2021

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services.

Banking 120

Banking Ransomware Financial Services Hacking 120

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” concludes the report.

Banking 126

Banking Mobile Social Engineering Malware 126

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 90

Banking Malware Antivirus Phishing 90

Security Affairs

NOVEMBER 11, 2022

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor ( 0x_dump ) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. The IAB is offering access to the Deutsche Bank 7.5

Banking 92

Banking Hacking InfoSec Insurance 92

Security Affairs

JUNE 18, 2022

Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. ” reads the advisory published by F5 Labs. .

Banking 115

Banking Cryptocurrency Malware Mobile 115

Security Affairs

JULY 31, 2021

Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. ” concludes the report.

Banking 126

Banking Malware Mobile Media 126

Security Affairs

FEBRUARY 14, 2022

The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine. The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine and is inviting them to step up defenses. ” reported Reuters. .

Banking 70

Banking Cyber Attacks Financial Services Cyber threats 70

Security Affairs

FEBRUARY 15, 2022

Ukraine ‘s defense agencies and two state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks. The Ministry of Defense and the Armed Forces of Ukraine and state-owned banks, Privatbank (Ukraine’s largest bank) and Oschadbank were hit by Distributed Denial-of-Service (DDoS) attacks.

Banking 87

Banking DDOS Accountability Media 87

Security Affairs

MARCH 6, 2023

Fintech platform Hatch Bank disclosed a data breach, hackers exploited a recently discovered zero-day in Fortra GoAnywhere MFT secure file-sharing platform. Hatch Bank is a fintech firm that provides services to other fintech companies. Hatch Bank then worked to identify contact information for the impacted individuals.

Data breaches 96

Data breaches Banking Identity Theft Internet 96

Security Affairs

DECEMBER 12, 2021

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. The phishing messages are carefully crafted, the content was well-structured and features bank logos. The use of QR codes making it hard for email filters to flag the messages as malicious. Pierluigi Paganini.

Banking 138

Banking Phishing Social Engineering Engineering 138

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. A bank spokesperson told Reuters that the ransomware attack did not impact services. GB worth of files.

Banking 103

Banking Ransomware Cybercrime Malware 103

Security Affairs

OCTOBER 1, 2021

Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. . Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. ” concludes Cyble. Pierluigi Paganini.

Banking 109

Banking Malware Encryption Hacking 109

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website.

Banking 294

Banking Government Information Security Authentication 294

Security Affairs

OCTOBER 21, 2022

Mandiant researchers warn of a significant shift from Ursnif ‘s original purpose, the malware initially used in banking frauds is now used to deliver next-stage payloads and steal sensitive data. The new variant, first observed in June 2022 and dubbed LDR4, is not a banking trojan, but a generic backdoor. . Pierluigi Paganini.

Banking 86

Banking Malware Hacking Ransomware 86

Security Affairs

MARCH 18, 2022

Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). ” reads the analysis published by Mandiant.

Banking 128

Banking Telecommunications System Administration Hacking 128

Security Affairs

NOVEMBER 12, 2022

Experts discovered two new malicious dropper apps on the Google Play Store distributing the Xenomorph banking malware. Zscaler ThreatLabz researchers discovered a couple of malicious dropper apps on the Play Store distributing the Xenomorph banking malware. The it downloads the malicious Xenomorph banking trojan samples from Github.

Banking 91

Banking Malware Hacking Mobile 91

Security Affairs

SEPTEMBER 11, 2021

SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. The malware allows attacker to gather sensitive data from infected devices, including banking credentials and PII. SecurityAffairs – hacking, banking Trojan). s explicit feature roadmap.”

Banking 95

Banking DDOS Cryptocurrency Mobile 95

Security Affairs

SEPTEMBER 12, 2020

The Development Bank of Seychelles (DBS) was hit by a ransomware attack disclose the Central Bank of Seychelles (CBS). The Central Bank of Seychelles (CBS) disclosed via a press statement that the Development Bank of Seychelles (DBS) was hit by a ransomware attack. ” reads the statement.”The

Banking 120

Banking Ransomware Government Advertising 120

Security Affairs

SEPTEMBER 26, 2020

A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. The distributed denial of service attack was able to disrupt the services of some of the banks in the country causing temporary interruptions in Magyar Telekom’s services in certain parts of the capital, Budapest.

DDOS 145

DDOS Banking Telecommunications Advertising 145

Security Affairs

JULY 31, 2022

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. ” DawDropper apps were spotted dropping four families of banking trojans, including Octo, Hydra, Ermac , and TeaBot. “It also hosts malicious payloads on GitHub. Pierluigi Paganini.

Banking 117

Banking Malware VPN Hacking 117

Security Affairs

JULY 12, 2022

Christine Lagarde, the president of the European Central Bank, was the target of a failed hacking attempt. The European Central Bank confirmed that its President, Christine Lagarde, was the target of a failed hacking attempt. ” reported the Associated Press. ” reported the Associated Press. Pierluigi Paganini.

Banking 87

Banking Hacking Mobile Accountability 87

Security Affairs

APRIL 6, 2023

A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. Data leak affected QBANK, Defence Bank, Bloom Money, Admiral Money, MA Money, and Reed. London-based OCR Labs is a major provider of digital ID verification tools.

Banking 85

Banking Financial Services Identity Theft Accountability 85

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 124

Banking Malware Internet Internet 124

Threatpost

DECEMBER 1, 2020

An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.

Banking 113

Banking Backups Information Security 113