Several U.S. banking giants and mortgage lenders are reportedly scrambling to assess how much of their customers’ data was stolen during a cyberattack on a New York financial technology company earlier this month.
SitusAMC, which provides technology for over a thousand commercial and real estate financiers, confirmed in a statement over the weekend that it had identified a data breach on November 12. The company said that unspecified hackers had stolen corporate data associated with its banking customers’ relationship with SitusAMC, as well as “accounting records and legal agreements” during the cyberattack.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- California Department of Finance dealing with cybersecurity incident; no state funds compromised
December 12, 2022
An investigation is underway after a cybersecurity incident involving the California Department of Finance. The California Cyber Security Integration Center (Cal-CSIC) confirmed the incident on Monday but offered few specifics. Officials did note, however, that no state funds had been compromised. Read more… Source: MSN News
- UK arrests five for selling ‘dodgy’ point of sale software
December 12, 2022
Tax authorities from Australia, Canada, France, the UK and the USA have conducted a joint probe into “electronic sales suppression software” – applications that falsify point of sale data to help merchants avoid paying tax on their true revenue. A Friday announcement from the Joint Chiefs of Global Tax Enforcement (known as the J5), states that ...
- Clop ransomware uses TrueBot malware for access to networks
December 11, 2022
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. The Silence group is known for its big heists against financial institutions, and has begun to shift from phishing as an initial compromise vector. The threat actor is also using a new custom data ...
- DeathStalker targets legal entities with new Janicab variant
December 8, 2022
“Dosen’t matter how long you wait for the bus on a rainy day, X seconds was enough to get wet?” Just to clarify, the above subheading isn’t a normal quote, but a message that Janicab malware attempted to decode in its newest use of YouTube dead-drop resolvers (DDRs). While hunting for less common Deathstalker intrusions that use ...
- REvil-hit Medibank to pull plug on IT, shore up defenses
December 8, 2022
Australian health insurance company Medibank will take all of its IT systems offline and close its branches over the weekend as part of its ongoing efforts to improve security and recover from a massive data security breach in October. The planned outage, dubbed Operation Safeguard, begins at 2030 Sydney time on Friday, December 9. The insurer ...
- DEV-0139 launches targeted attacks against the cryptocurrency industry
December 6, 2022
Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but Microsoft researchers have also observed threat actors directly targeting organizations within the cryptocurrency industry for financial gain. Attacks ...