Banking and Finance


  • SoumniBot: the new Android banker’s unique techniques

    April 17, 2024

    The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we ...

  • IMF: Rising Cyber Threats Pose Serious Concerns for Financial Stability

    April 9, 2024

    Cyberattacks have more than doubled since the pandemic. While companies have historically suffered relatively modest direct losses from cyberattacks, some have experienced a much heavier toll. US credit reporting agency Equifax, for example, paid more than $1 billion in penalties after a major data breach in 2017 that affected about 150 million consumers. As we show ...

  • Prudential Financial February incident exposed data of nearly 37K customers

    April 2, 2024

    Prudential Financial disclosed that 36,545 individuals had personal information stolen in an early February breach that was claimed by ALPHV/BlackCat, the group also responsible for the Change Healthcare ransomware attack. In a letter to consumers March 29, the large insurance company said the stolen personal data includes names, addresses, driver’s license numbers, and non-driver identification card ...

  • Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

    March 26, 2024

    Since its discovery in 2022, the Agenda Ransomware group (also known as Qilin) has been active and in development. Agenda, which Trend Micro tracks as Water Galura, continues infecting victims globally with the US, Argentina, and Australia, and Thailand being among its top targets (based on the threat actor’s leak site data). Meanwhile the Agenda ransomware ...

  • GM stops sharing driver data with brokers amid backlash

    March 22, 2024

    After public outcry, General Motors has decided to stop sharing driving data from its connected cars with data brokers. Last week, news broke that customers enrolled in GM’s OnStar Smart Driver app have had their data shared with LexisNexis and Verisk. Those data brokers in turn shared the information with insurance companies, resulting in some drivers ...

  • From Ransomware to Pig Butchering, Visa Report Shows Top Scams Impacting Consumers and Businesses Globally

    March 20, 2024

    Today, Visa released the Spring 2024 Edition of its Biannual Threats Report, which outlines the top payment threats impacting consumers and businesses around the world. The report points to increasingly organized, sophisticated threat actors targeting the most vulnerable point in the payments’ ecosystem: humans. Read more… Source: Yahoo News  

  • ‘Glitch’ at Ethiopia’s biggest bank sees customers withdraw millions that isn’t theirs

    March 19, 2024

    Ethiopia’s largest bank is struggling to recoup millions of dollars after a glitch over the weekend allowed customers to withdraw unlimited funds, according to local media reports. More than $40 million was reportedly withdrawn from the state-owned Commercial Bank of Ethiopia or transferred to other banks, as customers discovered they could withdraw more than their total ...

  • Experian Is Trying To Force WhatsApp To Hand Over User Data In An ‘Odd’ Court Battle

    March 19, 2024

    Experian, the $40 billion credit monitoring company, has asked a U.S. judge to force WhatsApp to provide users’ call and message records to aid it in fighting separate lawsuits, according to court records obtained by Forbes. In February, Experian sent two subpoenas to WhatsApp, asking for information that included all phone numbers and call and message ...

  • Cybercrime Atlas: International effort to disrupt cybercrime moves into operational phase

    March 14, 2024

    The Cybercrime Atlas, a massive undertaking that aims to disrupt cybercriminals across the globe, enters its operational phase in 2024, two years after organizers laid the groundwork at the RSA Conference.… Its members now include 20-plus law enforcement agencies, private-sector security companies and incident responders, financial institutions, NGOs, and academics. Over the past year, the investigations ...

  • FBI Report Reveals Americans Lost Staggering $3.94 Billion to Crypto Investment Scams in 2023

    March 9, 2024

    The surge in cryptocurrency scams in 2023, as reported by the FBI, underscores the growing prevalence of digital currency in online crime. With losses reaching $3.94 billion, a 53% increase from the previous year, these scams represent a significant portion of overall investment frauds, which amounted to $4.57 billion. Cryptocurrency scams encompass a range of deceptive ...

  • Jersey data breach leaks personal information

    March 7, 2024

    A data breach at Jersey’s Financial Services Commission has allowed access to non-public names and addresses. The organisation confirmed a “vulnerability” was detected in its Registry system on 23 January. It said the leak did not link any individuals to registered entities or roles held and that it had separately written to those whose names and addresses ...

  • Italy privacy watchdog fines Unicredit $3.1 million for data breach

    March 7, 2024

    Italy’s data protection authority has fined UniCredit, the country’s second-largest bank, 2.8 million euros ($3.1 million) for a data breach case in 2018 affecting thousands of customers and former customers, it said on Thursday. The bank responded that it would appeal the decision to court, adding that no bank data had been compromised and the incident ...

  • Insurance giant Fidelity hit by data breach

    March 6, 2024

    Sensitive information belonging to tens of thousands of Fidelity Investments Life Insurance customers was stolen, reportedly thanks to a supply chain attack that happened in 2023. The insurance giant has filed a data breach notification with the Maine attorney general’s office in which it stated that 28,268 of its customers had their private data leaked after ...

  • Third-party breach leads to American Express customer data compromise

    March 4, 2024

    Payment card provider American Express Company is warning customers that their credit card details may have been exposed following a breach involving a third-party provider. The details were first revealed in a filing with the State of Massachusetts, with a form letter sent to affected customers stating that a third-party service provider “engaged by numerous merchants ...

  • New Banking Trojan “CHAVECLOAK” Targets Brazil

    March 4, 2024

    FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware. Notably, CHAVECLOAK is specifically designed to target users in Brazil, aiming to steal sensitive information linked to ...

  • Charlotte Cowles’s $50,000 Scam Article, Anyone Can Become a Victim

    February 23, 2024

    “You must follow my directions very carefully. We do not have much time.” These are some of the words scammers used to influence and ultimately defraud Charlotte Cowles, a financial columnist at New York Magazine, in an elaborate imposter scam that cost Cowles and her family $50,000. In this one line alone, there are two classic ...

  • Cybersecurity for satellites is a growing challenge, as threats to space-based infrastructure grow

    February 20, 2024

    In today’s interconnected world, space technology forms the backbone of our global communication, navigation and security systems. Satellites orbiting Earth are pivotal for everything from GPS navigation to international banking transactions, making them indispensable assets in our daily lives and in global infrastructure. However, as our dependency on these celestial guardians escalates, so too does their ...

  • ALPHV ransomware says it was behind attacks on loanDepot, Prudential Financial

    February 19, 2024

    The infamous ALPHV ransomware operator (also known as BlackCat) has added two companies to its data leak site – Prudential Financial, and loanDepot, in a seeming admission it was behind the attacks on both companies. So far, the group has only added the names to its site, with the actual data not yet available. Apparently, the ...

  • Prudential reveals it was hit by data breach

    February 14, 2024

    Hackers were able to break into one of the largest life insurance companies in the United States and stole sensitive employee and contractor data. Prudential Financial has filed an 8-K form with the U.S. Securities and Exchange Commission (SEC) detailing the attack, according to a report. As per the filing, unnamed threat actors accessed the networks ...

  • State of Emergency: How Minnesota hospitals, state officials prepare for cyber attacks

    February 13, 2024

    The State of Minnesota stores and protects data on some six million residents, and that’s only one cache of sensitive information under the close watch of Minnesota IT Services (MNIT). “It’s everything from highways and highway traffic control systems, we run the zoo. We run everything in between,” John Israel, chief information security officer at MNIT, ...