Banking and Finance


  • Bank of America Customers Under Attack, Phishing Site Hosted on Russian Server

    July 24, 2017

    You might be tempted to believe that hackers are getting tired of using phishing scams to target bank clients across the globe, but as Bank of America customers might find out the hard way, this doesn’t seem to be the case just yet. HackRead has come across a new major phishing attack aimed at BoA clients, ...

  • Lloyd’s says cyber-attack could cost $120bn, same as Hurricane Katrina

    July 17, 2017

    Lloyd’s of London has warned that a serious cyber-attack could cost the global economy more than $120bn (£92bn) – as much as catastrophic natural disasters such as Hurricanes Katrina and Sandy. Published two months after a ransomware cyber-attack that hobbled NHS hospitals and hit nearly 100 countries, a 56-page report from the world’s oldest insurance market ...

  • Hackers Attack Trump Hotels, Steal Credit Card Details and Personal Data

    July 12, 2017

    Hackers breached the systems used by 14 different Trump Hotels properties between August 10, 2016 and March 9, 2017, managing to steal sensitive information like guests’ credit card details and other personal information. In a 9-page notification published on the official page, Trump Hotels informs customers that hackers managed to breach the systems of Sabre Hospitality ...

  • After Windows and Android, Operation Emmental Starts Targeting Apple Users

    July 11, 2017

    Security experts have discovered new malware that is specifically aimed at Apple customers, after previously targeting users running Windows and Android on their devices. Believed to be part of Operation Emmental, which was first spotted in 2012, the new malware is called Dok and is primarily targeting customers of Swiss banks, according to an in-depth analysis ...

  • MCMC probing cyber attacks on online trading platforms

    July 7, 2017

    The Malaysian Communications and Multimedia Commission (MCMC) is looking into reports of suspected cyber attacks disrupting online trading at several local brokerages. The regulator said it was assisting the stock exchange in investigating the disruption, a report by Nikkei Markets said on Friday. This comes after several brokerages alerted clients that their online broking services had been ...

  • Petya cyber attack: Ransomware spreads across Europe with firms in Ukraine, Britain and Spain shut down

    June 27, 2017

    Major firms, airports and government departments in Ukraine have been struck by a massive cyber attack which began to spread across Europe on Tuesday afternoon. In Ukraine, government departments, the central bank, a state-run aircraft manufacturer,  the airport in Kiev and  the metro network have all been paralysed by the hack. In the UK, the advertising firm WPP said ...

  • Banks to be forced to reveal all cyber security breaches to the European Central Bank

    June 19, 2017

    All banks regulated by the European Central Bank (ECB) will be forced to reveal all major cyber security breaches, according to one of the supervisor’s bosses. Starting this summer, banks directly supervised by the ECB will have to “report all significant cyber incidents”, said Sabine Lautenschlaeger, a member of the ECB’s executive board. At a speech in ...

  • Banks could be stung for €5bn under GDPR, screams latest report on industry readiness

    June 15, 2017

    European banks could face fines totalling €4.7bn in the three years after General Data Protection Regulation comes into force, according to a report from data security solutions firm AllClear ID. The latest in a string of sales pitches reports on businesses’ preparedness for GDPR to land in The Reg‘s inbox says that banks are not properly ...

  • New SEC enforcement chiefs see cyber crime as biggest market threat

    June 9, 2017

    Hackers are increasingly breaking into brokerage accounts to steal assets or make illegal trades, prompting U.S. securities regulators to start tracking cyber crimes more closely, two newly appointed enforcement officials said in an interview on Thursday. On Thursday, the U.S. Securities and Exchange Commission named Stephanie Avakian and Steven Peikin as new co-directors of enforcement. In an ...

  • Financial malware more than twice as prevalent as ransomware

    June 1, 2017

    Three Trojans dominated the financial threat landscape in 2016 and attackers increased their focus on corporate finance departments With all the attention ransomware is getting lately it’s easy to overlook other threats, such as those that target the financial sector and its customers. However, these types of threats are a serious and costly problem for both ...

  • Russian Cron Malware Operators Arrested Before Banking Malware Taken Abroad

    May 23, 2017

    With the help of an Android malware, Russian cyber criminals were able to steal from local bank customers and were planning to move their operation to the rest of Europe. Twenty people were arrested as law enforcement tried to kill off the “Cron” malware campaign. Russian security firm Group IB writes that the raids also thwarted ...

  • Debenhams Data Breach Affects 26K Customers, Payment Details Exposed

    May 5, 2017

    Personal data of up to 26,000 people was exposed due to a data breach affecting customers of Debenhams Flowers, the retailer’s florist arm. According to Debenhams, the site is actually operated by Ecomnova, which is a third-party supplier. Therefore, customers of other services it provides have not been affected in any way. On the other hand, Ecomnova ...

  • After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts

    May 3, 2017

    Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. These shortcomings can be potentially abused to, for example, redirect people’s calls and text messages to miscreants’ devices. Now we’ve seen the first case of crooks exploiting the ...

  • Hundreds of Fake UK Bank Sites Exposed, Pose High Risk for Customers

    May 3, 2017

    Hackers have registered over 300 domains with names similar to those of several popular British banks, which they use to trick customers into handing over personal details or login data. According to DomainTools, a company handling domain names and DNS-based cyber threats, 324 such domains were discovered only in relation to banks in the United Kingdom, ...

  • Russian-controlled telecom hijacks financial services’ Internet traffic

    April 28, 2017

    On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications. Anomalies in the border gateway protocol—which routes large-scale ...

  • Hong Kong to tighten cyber security rules after broker hacks

    April 20, 2017

    Hong Kong plans to toughen information security rules after a series of embarrassing hacks at the city’s brokers, the securities regulator said on Thursday. The draft rules would likely include requirements for two-step authentication for account log-in and for brokers to notify clients when a transaction had been made, a Hong Kong Securities and Futures Commission ...

  • ShadowBrokers’ Windows Zero-Days Already Patched

    April 17, 2017

    Hours after what was thought to be a damaging release of NSA hacking tools for Windows systems, Microsoft quelled some anxiety with a late-night statement on Friday that most of the vulnerabilities disclosed by the ShadowBrokers had already been patched. The biggest surprise was that the most recent updates came in March in a bulletin, MS17-010, ...

  • Hacker documents show NSA tools for breaching global money transfer system

    April 16, 2017

    Documents and computer files released by hackers provide a blueprint for how the U.S. National Security Agency likely used weaknesses in commercially available software to gain access to the global system for transferring money between banks, a review of the data showed. On Friday, a group calling itself the Shadow Brokers released documents and files indicating ...

  • Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day

    April 10, 2017

    This weekend saw multiple reports of a new zero-day vulnerability that affected all versions of Microsoft Word. Today, Proofpoint researchers observed the document exploit being used in a large email campaign distributing the Dridex banking Trojan. This campaign was sent to millions of recipients across numerous organizations primarily in Australia. This represents a significant level of ...

  • Payday lender Wonga admits to data breach

    April 10, 2017

    Payday lender Wonga has advised 270,000 customers of a data breach and offered inconsistent advice about the severity of the incident and how to respond. An “incident FAQ” on the company’s site says “We believe there may have been illegal and unauthorised access to the personal data of some of our customers.” The Reg understands 270,000 ...