Banking and Finance

  • Finastra Notifies Customers of Data Breach

    February 19, 2025

    British financial technology firm Finastra has notified customers impacted by a data breach that occurred over three months ago. Between October 31 and November 8, 2024, an unauthorized third party accessed the company’s secure file transfer platform (SFTP), used to share files with customers. Although the breach was detected on November 7, and the company acknowledged ...

  • Argentine judge investigates fraud case against President Milei over crypto promotion

    February 18, 2025

    A judge in Argentina was selected Monday to investigate allegations of fraud against President Javier Milei for his brief promotion of a cryptocurrency whose value collapsed within hours of its launch last week. Milei distanced himself from the scandal and said he acted in good faith. Milei and his office denied involvement with creators of the ...

  • 50,000 electronic attacks countered daily by UAE Cybersecurity Council

    February 17, 2025

    Dr. Mohammed Hamad Al Kuwaiti, Chairman of the UAE Cybersecurity Council, stated that the UAE possesses an advanced cybersecurity system capable of predicting and countering most electronic attacks before they occur. He noted that the average daily cyberattacks on key sectors exceeds 50,000, all of which are proactively deterred and mitigated. In statements to the Emirates ...

  • US, UK crack down on Russian bulletproof hosting service ZServers for LockBit partnership

    February 12, 2025

    Russia-based bulletproof hosting services provider (BPH) ZServers has been sanctioned by the United States, Australia, and the United Kingdom for its alleged involvement with the LockBit ransomware group. In a press release, the Australian Federal Police (AFP) said ZServers was providing services to threat actors responsible for the Medibank Private breach that happened in October 2022. ...

  • Funksec Ransomware Teams Up with Another Ransomware Group to Double Down on Targets

    February 3, 2025

    FunkSec is a relatively new but highly active ransomware group that, as of this writing, has targeted several dozen victims across industries like government, banking, communications, and education. In a recent blog post, the group announced a partnership with another ransomware outfit, FSociety, aiming to carry out attacks more efficiently. This week, SonicWall Capture Labs research ...

  • Barclays customers continue to experience issues after major IT outage

    January 31, 2025

    Barclays customers are continuing to experience intermittent errors with payments and transfers after serious IT problems that also affected the bank’s app and online banking. Customers have told the BBC it is preventing them making essential transactions, ranging from buying baby milk to completing a house move. Barclays says cards and cash machines can be used ...

  • Coyote Banking Trojan: A Stealthy Attack via LNK Files

    January 30, 2025

    Over the past month, FortiGuard Labs has identified several similar LNK files containing PowerShell commands designed to execute malicious scripts and connect to remote servers. These files are part of multi-stage operations that ultimately deliver the Coyote Banking Trojan. This malware primarily targets users in Brazil, seeking to harvest sensitive information from over 70 financial applications ...

  • DeepSeek has rattled the AI industry. Here’s a quick look at other Chinese AI models

    January 28, 2025

    The Chinese artificial intelligence firm DeepSeek has rattled markets with claims that its latest AI model, R1, performs on a par with those of OpenAI, despite using less advanced computer chips and consuming less energy. DeepSeek’s emergence has raised concerns that China may have overtaken the U.S. in the artificial intelligence race despite restrictions on its ...

  • 240,000 Credit Union Members Exposed

    December 20, 2024

    A recent data breach at SRP Federal Credit Union, based in South Carolina, has left over 240,000 members vulnerable to potential identity theft and financial fraud. Between Sept. 5 and Nov. 4, 2024, hackers accessed sensitive personal data, including Social Security numbers, driver’s license information, dates of birth and financial account details. The ransomware group Nitrogen ...

  • US consumer watchdog sues big banks over ‘widespread’ fraud on Zelle payment app

    December 20, 2024

    The U.S. Consumer Financial Protection Bureau said on Friday it filed a lawsuit against JPMorgan Chase, Bank of America and Wells Fargo for failing to protect consumers from alleged “widespread fraud” on payments platform Zelle. The lawsuit was initiated as the watchdog moves ahead with an aggressive agenda in the final weeks of Joe Biden’s Democratic ...

  • Lazarus group evolves its infection chain with old and new malware

    December 19, 2024

    Over the past few years, the Lazarus group has been distributing its malicious software by exploiting fake job opportunities targeting employees in various industries, including defense, aerospace, cryptocurrency, and other global sectors. This attack campaign is called the DeathNote campaign and is also referred to as “Operation DreamJob”. Kaspersky researchers have previously published the history of ...

  • 5 million payment card details stolen in painful reminder to monitor Christmas spending

    December 17, 2024

    Another day, another exposed S3 bucket. This time, 5 million US credit cards and personal details were leaked online. The Leakd.com security team discovered that 5 terabytes of sensitive screenshots were exposed in a freely accessible Amazon S3 bucket. An S3 bucket is like a virtual file folder in the cloud where you can store various ...

  • Jamaica: Police charge 6 people in connection with cyber attack on account of bank customer

    December 7, 2024

    The six people arrested last week in connection with a multi-million dollar cyber attack on the account of a customer of the National Commercial Bank, have been charged. This was disclosed by Dane Nicholson, Head of the Anti-Fraud Committee of the Jamaica Banker’s Association, who said the suspects were charged on Thursday and are booked to ...

  • TaxOff: um, you’ve got a backdoor…

    November 27, 2024

    In Q3 2024, the Positive Technologies Expert Security Center (PT ESC) TI Department discovered a series of attacks on Russian government agencies. PT ESC researchers were unable to establish any connection with known groups using the same techniques. The main goal was espionage and gaining a foothold to follow through on further attacks. They dubbed the group ...

  • Hackers who inflitrated South African financial system reveal data for a large number people

    November 24, 2024

    A hacking group that claims it fraudulently collected Social Relief of Distress (SRD) grants and infiltrated South Africa’s financial system through credit bureaus has released data appearing to belong to Absa and Standard Bank customers. N4aughtySecGroup contacted the media earlier this month with a warning that it had breached several credit bureaus and used its access ...

  • Fintech giant Finastra confirms it’s investigating a data breach

    November 20, 2024

    Finastra, a London-based financial software company that serves most of the world’s top banks, has confirmed it’s investigating a data breach after a hacker claimed a compromise of the company’s internal file-transfer platform. In a statement given to TechCrunch, Finastra spokesperson Sofia Romano confirmed the fintech giant detected what it calls “suspicious activity” related to an ...

  • Сrimeware and financial cyberthreats in 2025

    November 14, 2024

    Kaspersky’s Global Research and Analysis Team constantly monitors known and emerging cyberthreats directed at the financial industry, with banks and fintech companies being the most targeted. Kaspersky researchers also closely follow threats that aim to infiltrate a wider range of industries, namely ransomware families that are financially motivated. These observations, as part of our Kaspersky Security ...

  • Threats in space (or rather, on Earth): Internet-exposed GNSS receivers

    November 13, 2024

    Global Navigation Satellite Systems (GNSS) are collections, or constellations of satellite positioning systems. There are several GNSSs launched by different countries currently in operation: GPS (US), GLONASS (Russia), Galileo (EU), BeiDou Navigation Satellite System (BDS, China), Navigation with Indian Constellation (NavIC, India) and Quazi-Zenith Satellite System (QZSS, Japan). These systems are used for positioning, navigation ...

  • Silent Skimmer Gets Loud (Again)

    November 7, 2024

    In late May 2024, Unit 42 researchers observed an adversary compromising multiple web servers to gain access to the environment of a multinational organization headquartered in North America. Based on overlaps in adversary infrastructure and tools, as well as tactics, techniques and procedures (TTPs), it’s possible to attribute the activity identified to the same threat actor ...

  • Crooks bank on Microsoft’s search engine to phish customers

    November 4, 2024

    Malwarebytes Labs researchers identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. A Bing search query for ‘Keybank login’ currently returns malicious links on the first page, and sometimes as the top search result. Malwarebytes Labs has reported the fraudulent sites to Microsoft already. While Microsoft’s Bing only has ...