Security Affairs

FEBRUARY 11, 2020

Unauthorized use of customer information by Woori Bank, ‘crime act’ for customers. The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the p assword s of 23,000 customer dormant accounts without consent in July 2018. About the author: ???

Banking 134

Banking Passwords Accountability Advertising 134

Security Affairs

FEBRUARY 4, 2025

.” Compromised data include names, emails, phone numbers, partial card info for some campus diners, and hashed passwords from legacy systems. The company reset affected passwords. The data breach did not expose passwords, merchant logins, full card numbers, bank details, or Social Security numbers.

Data breaches 117

Data breaches Passwords Accountability Hacking 117

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Neverquest was used by cyber criminals to steal login credentials from banking customers, it leverages on injection mechanisms to provide users fake forms into legitimate banking websites.

Banking 133

Banking Malware Advertising Passwords 133

Security Affairs

MARCH 24, 2022

The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. SecurityAffairs – hacking, Bank of Russia).

Banking 132

Banking Hacking Government Cyber Attacks 132

Security Affairs

FEBRUARY 7, 2021

The Largest compilation of emails and passwords (COMB), more than 3.2 billion unique pairs of cleartext emails and passwords have been leaked on a popular hacking forum, the collection aggregates data from past leaks, such as Netflix, LinkedIn , Exploit.in , Bitcoin, and more. billion email and password pairs, all in plaintext.”

Passwords 145

Passwords Hacking Accountability Banking 145

Security Affairs

OCTOBER 2, 2021

Android has detected that your device has been infected,” states the fake security warning observed by the researchers. “FluBot is an Android spyware that aims to steal financial login and password data from your device. You must install an Android security update to remove FluBot.” ” states the report.

Banking 145

Banking Malware Spyware Passwords 145

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once obtained the SIM cards, they were able to bypass SMS-based 2FA used to access bank accounts and steal the money.

Banking 129

Banking Accountability Mobile Cryptocurrency 129

Security Affairs

MAY 15, 2025

.” The security breach did not expose passwords, private keys, or customer funds. Exposed data included contact details, partial SSNs and bank info, ID images, account history, and limited internal documents. “Criminals targeted our customer support agents overseas.

Data breaches 84

Data breaches Banking Accountability Retail 84

Daniel Miessler

MARCH 10, 2022

In that post we talked about 8 levels of password security, starting from using shared and weak passwords and going all the way up to passwordless. A growing percentage of malware packages now include prompts for not only a username and password, but also an MFA code. Get started with WebAuthn >>.

Authentication 364

Authentication Phishing Passwords Accountability 364

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. How to protect yourself and your data Smart ways to secure your devices Strong passwords – Make them long, random, and unique.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Daniel Miessler

MAY 14, 2020

What follows is a set of basic security hygiene steps that will significantly reduce your risk online. Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Automatic Logins Using Lastpass.

Risk 345

Risk Passwords Password Management Accountability 345

Security Affairs

APRIL 26, 2025

MTN urges customers to stay vigilant by placing fraud alerts, updating apps, using strong passwords, avoiding suspicious links, and enabling multifactor authentication. Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details.

Data breaches 108

Data breaches Telecommunications Financial Services Mobile 108

Security Affairs

AUGUST 16, 2019

The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter. According to the organization, hackers infected with a malware an external server that hosts the Banks’ Integrated Reporting Dictionary (BIRD).

Data breaches 106

Data breaches Banking Advertising Marketing 106

Security Affairs

FEBRUARY 19, 2019

According to a new research conducted by Group-IB experts, 74 percent of Russian banks were not ready for cyberattacks. Even so, 74 percent of Russian banks were not ready for cyberattacks , 29 percent were found to be actively infected with malware, and in 52 percent of cases traces of past attacks were detected.

Banking 101

Banking Marketing Cybercrime Information Security 101

Approachable Cyber Threats

OCTOBER 7, 2024

What changed, and what is NIST's updated password guidance and the role of password strength in 2024?” One area where best practices have evolved significantly over the past twenty years is password security best practices. What are the key takeaways from NIST's updated password guidance?”

Passwords 104

Passwords Password Management Authentication Risk 104

Security Affairs

MARCH 3, 2021

Avast researchers reported that the infamous Ursnif Trojan was employed in attacks against at least 100 banks in Italy. Avast experts recently obtained information on possible victims of Ursnif malware that confirms the interest of malware operators in targeting Italian banks. ” reads the analysis published by Avast.

Banking 95

Banking Malware Passwords Hacking 95

Security Affairs

NOVEMBER 11, 2022

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor ( 0x_dump ) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. The IAB is offering access to the Deutsche Bank 7.5

Banking 98

Banking Hacking InfoSec Insurance 98

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. ”

Hacking 357

Hacking Ransomware Banking Accountability 357

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. ” reads the analysis published by Cofence. Pierluigi Paganini.

Banking 111

Banking Phishing Advertising Malware 111

Security Affairs

AUGUST 13, 2019

Security experts analyzed a new interesting Android banking Trojan, dubbed Cerberus, that is offered for rent by its author. The malware implements banking Trojan capabilities such as the use of overlay attacks, the ability to intercept SMS messages and access to the contact list. ” continues the report.

Banking 111

Banking Malware Advertising Social Engineering 111

Security Affairs

JANUARY 15, 2020

P&N Bank discloses data breach, customer account information, balances exposed. The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. The bank hired external experts to help it in investigating the incident.

Data breaches 90

Data breaches Banking Accountability Cyber Attacks 90

Security Affairs

MARCH 31, 2021

Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter. To lure victims, cybercriminals pose as bank representatives or customer support team members on Twitter. From January to early March 2021, this scheme grew in scope 2.5-fold

Banking 103

Banking Scams Accountability Media 103

Security Affairs

JUNE 29, 2019

. “Backups of employees’ OneDrive accounts were also present and spanned the wide range of information that employees need to perform their jobs: email correspondence, system passwords, sales and marketing contact information, project specifications, and more.” Pierluigi Paganini.

Banking 111

Banking Backups Big data Advertising 111

Security Affairs

NOVEMBER 3, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 112

Cryptocurrency Hacking Phishing Cyber Attacks 112

Security Affairs

NOVEMBER 10, 2024

CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog DPRK-linked BlueNoroff used macOS malware with novel persistence Canada ordered ByteDance to shut down TikTok operations in the country over security concerns Critical bug in Cisco UWRB access points allows attackers to run commands (..)

Ransomware 119

Ransomware Cybercrime Phishing Banking 119

Security Affairs

NOVEMBER 4, 2024

“Participating in the auction, you have the opportunity to buy more than 6.5TB of databases, internal logins and passwords of employees, a full dump of servers with emergency services applications of the city, access from city video cameras.” A judge issued a temporary restraining order to block his access to it.

Ransomware 117

Ransomware Identity Theft Data breaches Cyber threats 117

Security Affairs

MAY 16, 2024

The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay. The bank recently became aware of unauthorized access to one of its databases hosted by a third-party provider. ” reads the statement published by the bank. ” continues the statement.

Data breaches 140

Data breaches Banking Passwords Marketing 140

SecureWorld News

APRIL 13, 2025

For instance, errors in the password or odd login habits can be tracked using good AI-driven password managers. 1Password is a top-tier password manager that provides secure password storage, multi-device syncing, and simplified sharing. For example, a Gulf-based bank struggled with high false positive alerts.

Cybersecurity 93

Cybersecurity Artificial Intelligence Threat Detection Cyber threats 93

Security Affairs

MAY 31, 2024

The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a huge trove of data allegedly stolen from the Santander Bank for sale. reads the statement published by the bank.

Banking 132

Banking Data breaches Cybercrime Passwords 132

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A The group claims to have also stolen data from the Banco Pichincha bank and infected a system at Ministry of Finance using for training purposes with PHP-based ransomware.

Hacking 145

Hacking Banking Ransomware Passwords 145

Security Affairs

MAY 3, 2025

“This data includes Co-op Group members’ personal data such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group,” a spokesperson told BBC.

Data breaches 79

Data breaches Retail Cybercrime Hacking 79

Security Affairs

DECEMBER 18, 2023

These pieces of malware are created with the intent of stealing valuable data, such as login credentials, financial information, personal details, and more. This data may include usernames, passwords, credit card numbers, social security numbers, and other sensitive information.

Banking 136

Banking Cybercrime Malware Accountability 136

The Last Watchdog

APRIL 13, 2022

Enforce strong passwords and implement multi-factor authentication (MFA) — by educating users about using a unique password for each account and enforcing higher security for privileged accounts (administrators, root). Therefore, educating your employees about the importance of security to your network is critical.

Cybersecurity 214

Cybersecurity Cybercrime Education Government 214

Security Affairs

OCTOBER 17, 2021

The customers of Banco Pichincha, the largest bank in Ecuador, are still experiencing service disruptions after a massive cyberattack hit the financial organization early this week. The cyberattack took place over the last weekend and forced the bank to shut down a large part of its computer network in response to the incident.

Banking 127

Banking InfoSec Cyber Attacks Cybercrime 127

Security Affairs

MAY 31, 2023

Real estate agencies handle sensitive data, including customers’ personally identifiable information, bank account details, and other data highly valued by cybercriminals. The file contained PostgreSQL and Redis databases credentials, including host, port, username, and password. Ensuring cybersecurity is vital.

Passwords 98

Passwords Phishing Accountability Banking 98

Security Affairs

SEPTEMBER 18, 2024

Script code snippet – Credit OALABS The attackers hope that the victim will save the password when asked by the browser, so that it will be stolen by StealC running. Enable 2FA Authentication: This measure adds an extra layer of security by requiring a second factor of authentication in addition to the password.

Passwords 130

Passwords Identity Theft Education Authentication 130

Security Affairs

MARCH 31, 2025

Phishing emails use generic or spoofed logos, often impersonating banks or shipping services with scare tactics. To ensure accuracy, victims see an Invalid Password error, prompting them to re-enter credentials. To evade detection, they embed links in compromised sites, URL shorteners, and abuse DoubleClicks open redirects.

DNS 89

DNS Phishing Banking Passwords 89