Banking and Technology - Cyber Security Informer

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

They also allow the exchange of cryptocurrency for cash in accounts at some of Russia’s largest banks — nearly all of which are currently sanctioned by the United States and other western nations. At that address is a three-story building that used to be a bank and now houses a massage therapy clinic and a co-working space.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

Crooks bank on Microsoft’s search engine to phish customers

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. Multi-factor authentication is still highly recommended, but users should be aware that criminals can directly ask for verification codes while pretending to be the real bank.

Engineering

Engineering Phishing Banking Authentication

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. However, it did reference many of the same banks called out as Finastra customers in the Nov. ” On Nov. abyss0’s Nov. 8 post on BreachForums.

Data breaches

Data breaches Banking Cybercrime Advertising

Is Your Chip Card Secure? Much Depends on Where You Bank

Krebs on Security

JULY 30, 2020

based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards. Newer, chip-based cards employ a technology known as EMV that encrypts the account data stored in the chip.

Banking

Banking Malware Encryption Accountability

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists. million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! It’s mindboggling, but right now for 49% of respondents, cybersecurity is their primary business concern.

Ransomware

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Krebs on Security

OCTOBER 7, 2022

consumers have their online bank accounts hijacked and plundered by hackers, U.S. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule. Bank , and Wells Fargo. ” Sen.

Banking

Banking Accountability Scams Passwords

The Risk of Weak Online Banking Passwords

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking

Banking Passwords Risk Accountability

Zanubis in motion: Tracing the active evolution of the Android banking malware

SecureList

MAY 28, 2025

Introduction Zanubis is a banking Trojan for Android that emerged in mid-2022. Since its inception, it has targeted banks and financial entities in Peru, before expanding its objectives to virtual cards and crypto wallets. The malware operated as an overlay-based banking Trojan that abused Android’s accessibility service.

Banking

Banking Malware Energy and Utilities Encryption

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

SEPTEMBER 17, 2019

Allow me to be controversial for a moment: arbitrary password restrictions on banks such as short max lengths and disallowed characters don't matter. Also, allow me to argue with myself for a moment: banks shouldn't have these restrictions in place anyway. for my *online banking*. 6 characters.

Banking

Banking Passwords Accountability Authentication

Shedding AI Light on Bank Wire Transfer Fraud

Security Boulevard

OCTOBER 31, 2024

The post Shedding AI Light on Bank Wire Transfer Fraud appeared first on Security Boulevard. Wire transfer fraud occurs when scammers convince a company to send money to a fraudulent account. While weeding out suspicious requests like this may seem rudimentary, it’s not.

Banking

Banking Accountability Social Engineering Security Awareness

News alert: Wultra secures €3M funding to help financial firms mitigate coming quantum threats

The Last Watchdog

JANUARY 15, 2025

15, 2025, CyberNewswire — Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions. This investment allows us to develop next-generation solutions and deepen our presence in key banking markets that recognize the urgency of post-quantum threats.

Banking

Banking Authentication Technology Marketing

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

based technology companies. Donahue said 60 technology companies are now routing all law enforcement data requests through Kodex, including an increasing number of financial institutions and cryptocurrency platforms. “That can include control over data, like an account freeze or preservation request.”

Hacking

Hacking Accountability Government Social Engineering

10 Personal Finance Lessons for Technology Professionals

Troy Hunt

DECEMBER 30, 2018

So here it is - 10 Personal Financial Lessons for Technology Professionals. For example, the ICT industry (Information, Communication, Technology) was the 5th highest paying with an average salary of $104,874 (dollars are Aussie, take off about 30% for USD). Banking is below that. Intro: This Industry Rocks! Medical even lower.

Technology

Technology Marketing Education Insurance

Accellion Supply Chain Hack

Schneier on Security

MARCH 23, 2021

The governor of New Zealand’s central bank, Adrian Orr, says Accellion failed to warn it after first learning in mid-December that the nearly 20-year-old FTA application — using antiquated technology and set for retirement — had been breached. Despite having a patch available on Dec. CISA alert.

Hacking

Hacking Banking Technology Software

Evolve Bank data breach impacted fintech firms Wise and Affirm

Security Affairs

JULY 2, 2024

Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by the recent data breach at Evolve Bank. Evolve will directly contact impacted customers and financial technology partners.

Data breaches

Data breaches Banking Retail Accountability

Fintech Giant Fiserv Used Unclaimed Domain

Krebs on Security

MARCH 17, 2021

Here’s the story of one such goof committed by Fiserv [ NASDAQ:FISV ], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions. Vegh could see the message from his bank referenced a curious domain: defaultinstitution.com.

Banking

Banking Accountability Software Mobile

Evolve Bank data breach impacted over 7.6 million individuals

Security Affairs

JULY 9, 2024

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” million individuals.

Data breaches

Data breaches Banking Retail Ransomware

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco’s technologies. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others.

Cybercrime

Cybercrime Data breaches Technology Banking

New Linux FASTCash Variant: Threats to Banking Systems

Hacker's King

DECEMBER 17, 2024

The cybersecurity world has been abuzz with news of a new Linux variant of FASTCash, a sophisticated malware targeting the banking sector. FASTCash has gained notoriety for its ability to bypass banking security protocols, enabling cybercriminals to withdraw massive amounts of cash from ATMs.

Banking

Banking Social Engineering Malware Cyber threats

RSAC Fireside Chat: X9 PKI emerges to help financial sector interoperate, get ready for ‘Q-Day’

The Last Watchdog

APRIL 24, 2025

Related: PKI and the IoT cloud One quiet but consequential development now taking root in the financial sector could prove pivotal: the emergence of a dedicated Public Key Infrastructure (PKI) framework, tailored to banks and payment networks, guided by the Accredited Standards Committee X9 (ASC X9), and being rolled out by DigiCert.

Banking

Banking Internet Internet IoT

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

SecureList

FEBRUARY 8, 2024

The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, we encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil.

Banking

Banking Encryption Malware Technology

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

JULY 8, 2021

No bank in the United States will issue a mortgage, for example, to someone who purchases a house but refuses to insure the home against fire; the bank will not relax its position even if the home has been built with every possible known fire suppression and mitigation system.

Insurance

Insurance Cyber Insurance Cybersecurity Small Business

Truist bank confirms data breach

Malwarebytes

JUNE 14, 2024

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name “Sp1d3r” offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC.

Data breaches

Data breaches Banking Passwords Phishing

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

“No passwords” , “no bank cards” , “no content of communications (emails, SMS, voice messages, etc.)” The company said that passwords and bank card details were not compromised, it also pointed out that its customers’ communications were not exposed.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Museum Security

Schneier on Security

OCTOBER 19, 2022

Interesting interview : Banks don’t take millions of dollars and put them in plastic bags and hang them on the wall so everybody can walk right up to them. But we do basically the same thing in museums and hang the assets right out on the wall.

Banking

Banking Technology

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Security Affairs

JUNE 4, 2024

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. . ” reads the report published Resecurity.

Banking

Banking Phishing Social Engineering Engineering

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Security Boulevard

JANUARY 24, 2025

Plus, the EUs DORA cyber rules for banks go into effect. DORA establishes strict cybersecurity requirements for financial firms including banks , insurance companies and investment firms, as well as for third-parties that provide information and communications technology (ICT) products and services to financial sector organizations.

Banking

Banking Cybersecurity Artificial Intelligence Ransomware

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., government systems, including the recent targeting of Treasurys information technology (IT) systems, as well as sensitive U.S. telecommunication and internet service providers. critical infrastructure.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

government today imposed economic sanctions on Funnull Technology Inc. , cloud Internet providers allows cybercriminals to connect to websites from web addresses that are geographically close(r) to their targets and victims (to sidestep location-based security controls by your bank, for example). Image: Shutterstock, ArtHead.

Scams

Scams Internet Internet Cybercrime

Arrests in Tap-to-Pay Scheme Powered by Phishing

Krebs on Security

MARCH 21, 2025

Rather, the missives are sent through the Apple iMessage service and through RCS , the functionally equivalent technology on Google phones. A CBS News story on the Sacramento arrests said one of the suspects tried to use 42 separate bank cards, but that 32 were declined.

Phishing

Phishing Mobile Scams Banking

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. In addition to adopting post-quantum cryptography , banks and other financial institutions should take this opportunity to boost their cryptography management practices, according to Europol.

Banking

Banking Cybercrime Cybersecurity Ransomware

Cyber Security in Banking: Threats, Solutions & Best Practices

eSecurity Planet

SEPTEMBER 13, 2024

Cyber security in banking has become the frontline defense against an ever-growing wave of digital threats. With billions of dollars and sensitive data at risk, banks are under constant pressure to stay one step ahead of cybercriminals. Table of Contents Toggle What is Cyber Security in Banking?

Banking

Banking Identity Theft DDOS Cyber threats

GUEST ESSAY: The key role static code analyzers play in detecting coding errors, eliminating flaws

The Last Watchdog

DECEMBER 3, 2024

Related: The convergence of network, application security For example, vulnerabilities in banking applications can lead to financial data leaks, and errors in medical systems can threaten the health of patients. Such incidents not only harm users but also undermine trust in technology in general, and pose reputational risks to companies.

Software

Software Risk Education Cyber Attacks

Mobile malware evolution in 2024

SecureList

MARCH 3, 2025

million malicious and potentially unwanted installation packages were detected, almost 69,000 of which associated with mobile banking Trojans. Attacks on Kaspersky mobile users in 2024 ( download ) At the end of 2024, we discovered a new distribution scheme for the Mamont banking Trojan, targeting users of Android devices in Russia.

Mobile

Mobile Malware Adware Banking

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Data breaches

Data breaches Banking Cybercrime Marketing

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

The Last Watchdog

MAY 21, 2024

I had the chance to sit down with Eyal Benishti , IRONSCALES founder and CEO, to get a breakdown of how their new Generative Adversarial Network (GAN) technology utilizes a specialized LLM to reinforce anti-phishing mitigation services. One promising example of the latter comes from messaging security vendor IRONSCALES.

Phishing

Phishing Banking Technology Internet

As Seen on Channel 5’s Vanessa (Feltz) Show: What to Do if You’re Targeted by a Scam

Jane Frankland

MAY 16, 2025

Here’s a breakdown of the most widespread and damaging scams today: Impersonation Scams (51% of fraud cases) where fraudsters pose as: Banks, HMRC, DVLA, or government agencies. Guilt or Authority Pressure: Messages from “your boss,” “the bank,” or “your child” asking for urgent help or discretion.

Scams

Scams Password Management Passwords Banking

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

MAY 24, 2022

Passwordless technology is certainly ready for prime time; innovative solutions from suppliers like Cisco’s Duo, Hypr, OneLogin and Veridium have been steadily gaining traction in corporate settings for the past few years. “Our One bank in the U.S. Here are a few takeaways. Security + efficiency. Our brains just won’t do it.”.

Authentication

Authentication Passwords Banking Digital transformation

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Identity Theft Accountability Technology

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

Officials at the CFPB have described the new rules as an attempt to accelerate a shift toward “open banking,” and after an initial comment period on the new rules closed late last year, Rohit Chopra, the CFPB’s director, has said he would like to see the rule finalized by this fall.

Banking

Banking Financial Services Marketing Data privacy

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

There are two sides to this: 1) assessing a technology vendors cryptoagility efforts in your RFPs as a part of determining third-party tech supplier risk, 2) assessing a technology vendors capability to help you in your PQC migration as technology functionality you can use.

Encryption

Encryption Financial Services Technology Risk

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

“Over the past few months, we’ve seen actors provide access to services that call victims, appear as a legitimate call from a specific bank and deceive victims into typing an OTP or other verification code into a mobile phone in order to capture and deliver the codes to the operator. Then you can call your bank or whoever else you need.

Passwords

Passwords Mobile Authentication Banking

Passkey Adoption Is Accelerating in APAC — Except for Australia

Tech Republic Security

SEPTEMBER 2, 2024

Australian banks and government are not rushing to adopt passkey authentication methods, despite the added security benefits. Learn why they lag in embracing this crucial technology.

Banking

Banking Authentication Government Technology

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Ciscos technologies. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others. ” concludes the update.

Data breaches

Data breaches Cybercrime Authentication Technology

How Cryptocurrency Turns to Cash in Russian Banks

Crooks bank on Microsoft’s search engine to phish customers

Trending Sources

Fintech Giant Finastra Investigating Data Breach

Is Your Chip Card Secure? Much Depends on Where You Bank

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

The Risk of Weak Online Banking Passwords

Zanubis in motion: Tracing the active evolution of the Android banking malware

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Shedding AI Light on Bank Wire Transfer Fraud

News alert: Wultra secures €3M funding to help financial firms mitigate coming quantum threats

FBI: Spike in Hacked Police Emails, Fake Subpoenas

10 Personal Finance Lessons for Technology Professionals

Accellion Supply Chain Hack

Evolve Bank data breach impacted fintech firms Wise and Affirm

Fintech Giant Fiserv Used Unclaimed Domain

Evolve Bank data breach impacted over 7.6 million individuals

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

New Linux FASTCash Variant: Threats to Banking Systems

RSAC Fireside Chat: X9 PKI emerges to help financial sector interoperate, get ready for ‘Q-Day’

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Truist bank confirms data breach

France’s second-largest telecoms provider Free suffered a cyber attack

Museum Security

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Arrests in Tap-to-Pay Scheme Powered by Phishing

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Cyber Security in Banking: Threats, Solutions & Best Practices

GUEST ESSAY: The key role static code analyzers play in detecting coding errors, eliminating flaws

Mobile malware evolution in 2024

When Efforts to Contain a Data Breach Backfire

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

As Seen on Channel 5’s Vanessa (Feltz) Show: What to Do if You’re Targeted by a Scam

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

New Atrium Health data breach impacts 585,000 individuals

CFPB’s Proposed Data Rules

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Rise of One-Time Password Interception Bots

Passkey Adoption Is Accelerating in APAC — Except for Australia

Cisco states that the second data leak is linked to the one from October

Stay Connected