Banking, Ransomware and Security Intelligence

9 Considerations For Hong Kong Banks To Address The STDB Guidelines

Thales Cloud Protection & Licensing

OCTOBER 4, 2021

9 Considerations For Hong Kong Banks To Address The STDB Guidelines. To address the escalating cyber risks, the Hong Kong Association of Banks (HKAB) developed and published guidelines for Secure Tertiary Data Backup (STDB). Tue, 10/05/2021 - 06:55. Cyber incidents pose a threat to the stability of the global financial system.

Banking

Banking Digital transformation Encryption Backups

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families. states Microsoft. We strongly recommend patching.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

In 2015, penetration tester Oliver Münchow was asked by a Swiss bank to come up with a better way to test and educate bank employees so that passwords never left the network perimeter. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity.

Social Engineering

Social Engineering Engineering Phishing Banking

Ransom hits main street

Webroot

NOVEMBER 5, 2021

But despite the headlines, most ransomware targets families as well as small and medium sized businesses. And it makes sense – just like it is for common criminals, it’s easier to steal a purse than it is to rob millions from a bank. Targeted by ransomware. Ransomware tactics. Their goal is disruption.

Ransomware

Ransomware Backups Technology Banking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations.

Malware

Malware Security Intelligence Banking Phishing

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. The infamous banking trojan is also used to deliver other malicious code, such as Trickbot and QBot trojan or ransomware such as Conti (TrickBot) or ProLock (QBot).

Government

Government Banking Malware Advertising

Malware authors join forces and target organisations with Domino Backdoor

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members. This current campaign is, sadly, no different.

Malware

Malware Banking Ransomware Passwords

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Additional malware is downloaded and installed when running these macros. .

Malware

Malware Passwords Advertising Cybercrime

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Microsoft researchers also spotted a ransomware gangs that is exploiting ProxyLogon flaws to spread a piece of malware tracked as DearCry. 2/5 — ESET research (@ESETresearch) March 2, 2021.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

“In 2022, the widespread growth of mobile access will increase the prevalence of mobile malware, given all of the behavior tracking capabilities,” says Grayson Milbourne, security intelligence director, Carbonite + Webroot, OpenText companies. Ransomware. Earlier in 2021, we detailed the hidden costs of ransomware in our eBook.

Cybercrime

Cybercrime Phishing Ransomware Cryptocurrency

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. Trickbot has been active since 2016, at the time the authors of the author designed it to steal banking credentials. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Malware

Malware Banking Advertising Financial Services

NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs

The Last Watchdog

MARCH 19, 2019

Security information and event management, or SIEM, could yet turn out to be the cornerstone technology for securing enterprise networks as digital transformation unfolds. Related: How NSA cyber weapon could be used for a $200 billion ransomware caper. Exabeam is a bold upstart in the SIEM space.

Big data

Big data IoT Internet Internet

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019. The ACSC also warns about the Emotet threat, a banking trojan that has been active since 2014. Locate and patch exposed RDP services now. ” Noble added.

Small Business

Small Business Malware Cryptocurrency Advertising

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

Chief Hacking Officer: Yevi, where are you at with London bank hack?”. Security kinda tough get inside.”. The spending on cybersecurity tools, security staff, upgrade of the security operations center, and security awareness training is an aggregation of efforts to reduce the organization’s overall risk posture.

Hacking

Hacking CISO Cybersecurity Banking

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. Aimed at reducing corporate vulnerability to insider threats, info security professionals should regularly monitor the most important infrastructure locations.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. The infamous banking trojan is also used to deliver other malicious code, such as Trickbot and QBot trojan or ransomware such as Conti (TrickBot) or ProLock (QBot). Enable Edition template mostly used.

Banking

Banking Malware Security Intelligence Advertising

Cyber Security Informer

9 Considerations For Hong Kong Banks To Address The STDB Guidelines

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Trending Sources

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

Ransom hits main street

Microsoft warns TA505 changed tactic in an ongoing malware campaign

CISA alert warns of Emotet attacks on US govt entities

Malware authors join forces and target organisations with Domino Backdoor

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Researchers warn of a surge in cyber attacks against Microsoft Exchange

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Microsoft partnered with other security firms to takedown TrickBot botnet

NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Hackers Also Have Financial Reporting And Quotas :)

Cyber Security Awareness and Risk Management

Emotet operators are running Halloween-themed campaigns

Stay Connected