Banking and Finance

May 29, 2025

UK fintechs are putting thousands of customers in jeopardy by leaving themselves vulnerable to a cyber attack, shocking new research reveals. Nearly 800 firms’ digital presence was analysed by the ethical hacking platform Ethiack as it scrutinised their cybersecurity. Four in ten fintechs were found to be giving hackers a “powerful headstart” by revealing software details ...

May 29, 2025

The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull). Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit ...

May 28, 2025

Zanubis is a banking Trojan for Android that emerged in mid-2022. Since its inception, it has targeted banks and financial entities in Peru, before expanding its objectives to virtual cards and crypto wallets. The main infection vector of Zanubis is impersonating legitimate Peruvian Android applications and then misleading the user into enabling the accessibility permissions. Once ...

May 21, 2025

Scattered Spider snared financial services organizations in its web before its recent spate of retail attacks in the UK and US, according to Palo Alto Networks’ Unit 42. “We saw several instances in the financial services space, and now we’re starting to see instances in the retail-oriented, customer-facing space,” Unit 42 principal threat researcher Kristopher Russo ...

May 16, 2025

Whenever cybercriminals successfully target financial services (FinServ), we’re reminded all too well that money makes the world go round. A fruitful attack can lock customers out of their bank accounts, expose sensitive data and fuel theft, fraud and a worrying distrust in financial institutions. The stakes are clearly high, and unfortunately attacks are still soaring. Between ...

May 15, 2025

The International Criminal Court’s chief prosecutor has lost access to his email, and his bank accounts have been frozen. The Hague-based court’s American staffers have been told that if they travel to the U.S. they risk arrest. Some non-governmental organizations have stopped working with the ICC and the leaders of one won’t even reply to emails ...

May 15, 2025

Crypto exchange Coinbase has disclosed a significant cyber attack that could cost the company between $180m (£135m) and $400m (£300m), after hackers breached account data belonging to a “small subset” of its users. The news sent shares down three per cent in pre-market trading on Thursday. Coinbase said it received an email from an unknown threat ...

May 7, 2025

More than 640,000 cases of remote fraud were reported in Russia in 2024, while the damage they caused exceeded 170 billion rubles ($2.1 bln), the Public Relations Center of the Federal Security Service (FSB), reported. According to the FSB, “the measures taken stopped the functioning of the illicit virtual communications center, seized more than 1,200 SIM ...

May 6, 2025

Unit 42 researchers recently uncovered a highly focused malicious campaign targeting dozens of Portuguese organizations, particularly in the government, finance and transportation sectors. This campaign was orchestrated by the threat actors behind Lampion malware, an infostealer that focuses on sensitive banking information. This malware family has been active since at least 2019. During our investigation, we ...

April 28, 2025

A major power outage hit Spain and Portugal on Monday, including their capitals, knocking out subway networks, phone lines, traffic lights and ATM machines. It is rare to have such a widespread outage there. Spanish generator Red Eléctrica said it affected the Iberian peninsula and the incident is being assessed. The countries have a combined population ...

April 24, 2025

Got an Android phone? Got a tap-to-pay card? Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. A newly discovered malicious program effectively turns Android phones into malicious tap machines that ...

April 17, 2025

More than 1.6 million people are now thought to have been affected by the May 2024 cyberattack at Landmark Admin, twice as many as originally thought. The company confirmed the news in an updated report filed with the Office of the Maine Attorney General. “The forensic investigation determined that data was encrypted and exfiltrated from Landmark’s ...

April 3, 2025

Multiple large superannuation funds have been targeted in suspected cyber attacks that led to some members losing several thousand dollars in retirements savings. Hostplus, Rest, AustralianSuper and Australian Retirement Trust are among the providers targeted. The attacks were discovered over the weekend, and follow rising reports of online security threats in Australia with a cyber ...

April 2, 2025

Web-based credit card skimming remains a widespread and persistent threat, known for its ability to adapt and evolve over time. FortiGuard Labs recently observed a sophisticated campaign dubbed “RolandSkimmer,” named after the unique string “Rol@and4You” found embedded in its payload. This threat actor targets users in Bulgaria and represents a new wave of credit card skimming ...

March 25, 2025

The SonicWall Capture Labs threat research team has identified a new development in the Horus Protector distributed infection chain. Recently, it has been targeting the French region with MoDiRAT, a malware notorious for stealing credit card and other victim information. During the infection process, it deploys the DarkCloud stealer; however, before exiting, the loader verifies if ...

March 25, 2025

As more and more financial transactions are conducted in digital form each year, financial threats comprise a large piece of the global cyberthreat landscape. That’s why Kaspersky researchers analyze the trends related to these threats and share an annual report highlighting the main dangers to corporate and consumer finances. This report contains key trends and statistics ...

March 11, 2025

The Bank of America has alerted a small group of its customers about a data breach that may have exposed confidential information. The breach, which took place on December 30, was a result of improper handling of confidential documents by a third-party document destruction service provider. The breach could have potentially exposed sensitive data, including personal ...

March 5, 2025

The High Court has ordered Bank of Ireland to pay a €350K settlement to a woman and her partner, who alleged her data was released to her estranged father, who then used it to find the couple abroad and stalk them. At the High Court today, Ms Justice Mary Rose Gearty was told the settlement, which ...

February 24, 2025

Bybit said it replenished its reserves following a $1.5 billion hack last week, the largest in the history of the crypto industry. In less than 72 hours, Bybit pieced together hundreds of thousands of ether tokens through a mix of emergency loans and large deposits. While the rapid recovery restored the exchange’s balance and kept customer ...

February 21, 2025

Blockchain analytics firm Arkham Intelligence said North Korea’s Lazarus Group was behind Bybit’s $1.46 billion hack. In an earlier post on social media platform X, Arkham offered a bounty of 50,000 ARKM tokens for anyone who could identify the attackers for Friday’s hack. Later, the platform said onchain sleuth ZachXBT submitted “definitive proof” that the attackers ...