- New SEC enforcement chiefs see cyber crime as biggest market threat
June 9, 2017
Hackers are increasingly breaking into brokerage accounts to steal assets or make illegal trades, prompting U.S. securities regulators to start tracking cyber crimes more closely, two newly appointed enforcement officials said in an interview on Thursday. On Thursday, the U.S. Securities and Exchange Commission named Stephanie Avakian and Steven Peikin as new co-directors of enforcement. In an ...
- Financial malware more than twice as prevalent as ransomware
June 1, 2017
Three Trojans dominated the financial threat landscape in 2016 and attackers increased their focus on corporate finance departments With all the attention ransomware is getting lately it’s easy to overlook other threats, such as those that target the financial sector and its customers. However, these types of threats are a serious and costly problem for both ...
- Russian Cron Malware Operators Arrested Before Banking Malware Taken Abroad
May 23, 2017
With the help of an Android malware, Russian cyber criminals were able to steal from local bank customers and were planning to move their operation to the rest of Europe. Twenty people were arrested as law enforcement tried to kill off the “Cron” malware campaign. Russian security firm Group IB writes that the raids also thwarted ...
- Debenhams Data Breach Affects 26K Customers, Payment Details Exposed
May 5, 2017
Personal data of up to 26,000 people was exposed due to a data breach affecting customers of Debenhams Flowers, the retailer’s florist arm. According to Debenhams, the site is actually operated by Ecomnova, which is a third-party supplier. Therefore, customers of other services it provides have not been affected in any way. On the other hand, Ecomnova ...
- After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts
May 3, 2017
Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. These shortcomings can be potentially abused to, for example, redirect people’s calls and text messages to miscreants’ devices. Now we’ve seen the first case of crooks exploiting the ...
- Hundreds of Fake UK Bank Sites Exposed, Pose High Risk for Customers
May 3, 2017
Hackers have registered over 300 domains with names similar to those of several popular British banks, which they use to trick customers into handing over personal details or login data. According to DomainTools, a company handling domain names and DNS-based cyber threats, 324 such domains were discovered only in relation to banks in the United Kingdom, ...
- Russian-controlled telecom hijacks financial services’ Internet traffic
April 28, 2017
On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications. Anomalies in the border gateway protocol—which routes large-scale ...
- Hong Kong to tighten cyber security rules after broker hacks
April 20, 2017
Hong Kong plans to toughen information security rules after a series of embarrassing hacks at the city’s brokers, the securities regulator said on Thursday. The draft rules would likely include requirements for two-step authentication for account log-in and for brokers to notify clients when a transaction had been made, a Hong Kong Securities and Futures Commission ...
- ShadowBrokers’ Windows Zero-Days Already Patched
April 17, 2017
Hours after what was thought to be a damaging release of NSA hacking tools for Windows systems, Microsoft quelled some anxiety with a late-night statement on Friday that most of the vulnerabilities disclosed by the ShadowBrokers had already been patched. The biggest surprise was that the most recent updates came in March in a bulletin, MS17-010, ...
- Hacker documents show NSA tools for breaching global money transfer system
April 16, 2017
Documents and computer files released by hackers provide a blueprint for how the U.S. National Security Agency likely used weaknesses in commercially available software to gain access to the global system for transferring money between banks, a review of the data showed. On Friday, a group calling itself the Shadow Brokers released documents and files indicating ...
- Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day
April 10, 2017
This weekend saw multiple reports of a new zero-day vulnerability that affected all versions of Microsoft Word. Today, Proofpoint researchers observed the document exploit being used in a large email campaign distributing the Dridex banking Trojan. This campaign was sent to millions of recipients across numerous organizations primarily in Australia. This represents a significant level of ...
- Payday lender Wonga admits to data breach
April 10, 2017
Payday lender Wonga has advised 270,000 customers of a data breach and offered inconsistent advice about the severity of the incident and how to respond. An “incident FAQ” on the company’s site says “We believe there may have been illegal and unauthorised access to the personal data of some of our customers.” The Reg understands 270,000 ...
- Finance firms to spend more on security as concern over cyber crime soars
April 5, 2017
Over 80pc of financial services firms plan to pump cash into cybersecurity this year, almost double that of last year as fears over cyber attacks swell. Corporate adviser Duff & Phelps, which analysed 200 executives in Europe, Hong Kong and the US, said 86pc of financial services firms intend to spend more time and money on cybersecurity this year. That’s a significant increase on last year, ...
- Lazarus APT Spinoff Linked to Banking Hacks
April 3, 2017
The Lazarus Group, a nation-state level of attacker tied to the 2014 attacks on Sony Pictures Entertainment, has splintered off a portion of its operation to concentrate on stealing money to fund itself. The group, widely believed to be North Korean, has been linked to a February 2016 attack against the Bangladesh Central bank that resulted ...
- Banking Malware Source Code Leaked by Author to Gain Credibility Among Hackers
March 29, 2017
The source code for a new Trojan called Nuclear Bot has been leaked online, which may spark a rise in attacks against banking services. As it happens almost every time the source code for a malicious program lands online, it is quite likely to see more unskilled cybercriminals launching malware attacks against users. Nuclear Bot first landed ...
- New Spam Campaign via Necurs Botnet Tries to Manipulate the Stock Market
March 21, 2017
The Necurs botnet is known as the largest spam botnet in the world, particularly for distributing Locky ransomware and Dridex. Now, it looks like Necurs is taking on a new role as someone tries to manipulate the stock market. The discovery was made by Cisco’s threat intelligence organization Talos, which notes that after being offline for ...
- Cybersecurity And Financial Institutions: How New York’s “First-In-The-Nation” Data Security Regulations May Impact You
March 11, 2017
March 1, 2017 marked the implementation of New York’s cybersecurity regulations, subjecting covered financial institutions to arguably the most burdensome cybersecurity regime yet. The regulations, promulgated by the New York State Department of Financial Services (“NYDFS”), require banks, insurance companies, and other entities regulated by NYDFS to establish substantive cybersecurity programs and policies and to annually ...
- Dridex Banking Trojan Gains ‘AtomBombing’ Code Injection Ability to Evade Detection
March 1, 2017
Security researchers have discovered a new variant of Dridex – one of the most nefarious banking Trojans actively targeting financial sector – with a new, sophisticated code injection technique and evasive capabilities called “AtomBombing.” On Tuesday, Magal Baz, security researcher at Trusteer IBM disclosed new research, exposing the new Dridex version 4, which is the latest ...
- Could cybersecurity sink your next M&A?
February 26, 2017
Most CFOs don’t expect to see cybersecurity on their due diligence checklist for mergers and acquisitions. Yet cybersecurity – or a lack thereof – has massive implications for any deal: after all, the average data breach now costs organisations in the ballpark of $4 million, not to mention the potential damage to reputation and revenues when ...
- Malware Attack on Polish Banks Uses Russian as False Flag, Linked to Lazarus
February 21, 2017
Hackers involved in the attack on Polish banks seem to have faked some of the code lines, making it seem as if they were Russians. The truth is, however, the lines don’t make sense to native speakers and an online translator may have been used. A recent sophisticated attack campaign targeted financial organizations from many countries, ...