Tag: finance
-
Generative AI Is reshaping financial fraud. Can security keep up?
In this Help Net Security interview, Yinglian Xie, CEO at DataVisor, explains how evolving fraud tactics require adaptive, AI-driven prevention strategies. With fraudsters … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/01/yinglian-xie-datavisor-fraud-prevention-strategies/
-
Apple Fined Euro150 Million by French Regulator Over Discriminatory ATT Consent Practices
by
in SecurityNewsApple has been hit with a fine of Euro150 million ($162 million) by France’s competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework.The Autorité de la concurrence said it’s imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS devices…
-
FTC: 23andMe’s Buyer Must Uphold Co.’s Data Privacy Pledge
by
in SecurityNewsLetter to Bankruptcy Trustee Says 23andMe’s Privacy Promises Must Carry Over. The Federal Trade Commission has sent a letter to 23andMe’s bankruptcy trustees saying that any sale of the genetic testing firm or its assets will be subject to the company’s previous pledges to consumers involving the privacy and security of their sensitive information and…
-
Scammers Target Netflix Users: Expert Issues Urgent Warning
by
in SecurityNewsStreaming giant Netflix is at the center of a rising wave of online scams, cybersecurity experts warn. Fraudsters use increasingly sophisticated tactics, from fake texts to deceptive emails and websites, to steal Netflix users’ personal and financial information. With over 230 million subscribers worldwide, Netflix has become one of the most impersonated brands […] First…
-
Russian Hackers Leverage Bulletproof Hosting to Shift Network Infrastructure
by
in SecurityNewsRussian-aligned cyber threat groups, UAC-0050 and UAC-0006, have significantly escalated their operations in 2025, targeting entities worldwide with a focus on Ukraine. These groups employ bulletproof hosting services to mask their network infrastructure, enabling sophisticated campaigns involving financial theft, espionage, and psychological operations. UAC-0050, linked to Russian law enforcement agencies, has transitioned to deploying NetSupport…
-
FTC says 23andMe purchaser must uphold existing privacy policy for data handling
by
in SecurityNewsFederal Trade Commission Chair Andrew Ferguson on Monday sent a letter to Department of Justice bankruptcy regulators warning that any purchaser of 23andMe must adhere to the company’s current privacy policies for protecting consumers’ genetic and other data. First seen on therecord.media Jump to article: therecord.media/ftc-23andme-purchaser-data-privacy
-
Speed vs. Security: The Digital Bank Dilemma
by
in SecurityNewsJason Costain on Ways Traditional and Digital Banks Could Learn from Each Other. Digital-only banks promise speed and sleek digital experiences but are not the best places to handle scam victims. Without branches to visit, victims find themselves stuck in a loop of chatbots, said Jason Costain, former head of fraud analytics and threat management…
-
North Korean hackers adopt ClickFix attacks to target crypto firms
by
in SecurityNewsThe notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-adopt-clickfix-attacks-to-target-crypto-firms/
-
How CISOs can balance business continuity with other responsibilities
by
in SecurityNews
Tags: attack, backup, breach, business, cio, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, finance, framework, healthcare, incident, incident response, metric, nist, ransomware, resilience, risk, service, strategy, supply-chain, technology, threat, usa, vulnerabilityCIO-CISO divide: Who owns business continuity?: While CISOs may find that their remit is expanding to cover business continuity, a lack of clear delineation of roles and responsibilities can spell trouble.To effectively handle business continuity, cybersecurity leaders need a framework to collaborate with IT leadership.Responding to events requires a delicate balance between thoroughness of investigation…
-
New Android Malware “TsarBot” Targeting 750 Banking, Finance Crypto Apps
by
in SecurityNews
Tags: android, attack, banking, credentials, credit-card, crypto, cyber, finance, intelligence, login, malware, threatA newly identified Android malware, dubbed TsarBot, has emerged as a potent cyber threat targeting over 750 applications across banking, finance, cryptocurrency, and e-commerce sectors. Discovered by Cyble Research and Intelligence Labs (CRIL), this banking Trojan employs sophisticated overlay attacks to steal sensitive user credentials, including banking details, login information, and credit card data. Global…
-
Unbefugter Zugriff bei einer Bank in Arizona, USA
by
in SecurityNewsData Breach Notification First seen on maine.gov Jump to article: www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/655a94de-d6a8-4736-a67c-abd1cba4ebaa.html
-
What are the cost implications of maintaining NHI compliance?
by
in SecurityNewsDoes Non-Human Identities Compliance Come with a Hefty Price Tag? Foremost among these challenges is securing a cloud environment from potential threats. One of the most significant components of this effort is the effective management of Non-Human Identities (NHIs) and their associated secrets. With the financial sector already witnessing the impact of KYC-AML compliance, NHIs……
-
Salt Typhoon may have upgraded backdoors for efficiency and evasion
by
in SecurityNewsCrowDoor and attributed to the Earth Estries APT group in November 2024.”GhostSparrow, aka Salt Typhoon (Microsoft), Earth Estries (Trend Micro), Ghost Emperor (Kaspersky Labs), and UNC2286 (Mandiant), has escalated cyber espionage, breaching US telecom networks and accessing data on over a million individuals. One of the key features ESET reported on the two previously unseen…
-
Democratic FTC Commissioners file lawsuit against Trump over attempted firings
by
in SecurityNews
Tags: financeThe lawsuit asks the court to declare the president’s actions unlawful and affirm Bedoya and Slaughter’s statutory rights to serve out the remainder of their seven-year terms. First seen on cyberscoop.com Jump to article: cyberscoop.com/bedoya-slaughter-ftc-lawsuit-unlawful-dismissal-trump/
-
Speed vs. Security: the Digi Bank Dilemma
by
in SecurityNewsJason Costain on Ways Traditional and Digital Banks Could Learn from Each Other. Digital-only banks promise speed and sleek digital experiences but are not the best places to handle scam victims. Without branches to visit, victims find themselves stuck in a loop of chatbots, said Jason Costain, former head of fraud analytics and threat management…
-
Revenue Cycle Management Firm Hack Affects Patients, Clients
by
in SecurityNewsIncident Spotted in March 2024 Is Yet Another Attack Against Medical Billing Firms. A Nebraska-based firm that provides revenue cycle management and billing services to healthcare firms is notifying tens of thousands of people and an undisclosed number of companies that their personal, health and financial information was compromised in a March 2024 hack. First…
-
Android financial threats: What businesses need to know to protect themselves and their customers
The rise of mobile banking has changed how businesses and customers interact. It brought about increased convenience and efficiency, but has also opened new doors for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/28/android-financial-threats/
-
PCI DSS 4.0 Compliance Requires a New Approach to API Security
by
in SecurityNewsRetailers, Financial Services, and the API Security Wake-Up Call With the PCI DSS 4.0 compliance deadline fast approaching, Cequence threat researchers have uncovered troubling data: 66.5% of malicious traffic is targeting retailers. And attackers aren’t just after payment data. They’re weaponizing APIs to exploit every stage of the digital buying process. The conclusions in this……
-
Classiscam Operators Use Automated Malicious Sites to Steal Financial Data
by
in SecurityNewsClassiscam, an automated scam-as-a-service operation, has been identified as a significant threat in Central Asia, leveraging sophisticated techniques to defraud users of online marketplaces and e-commerce platforms. This fraudulent scheme, highlighted in the High-Tech Crime Trends Report 2025, utilizes Telegram bots to generate fake websites that mimic legitimate services, effectively deceiving victims into sharing their…
-
The 3 Pillars of Australia’s New AML/CTF Compliance Framework
by
in SecurityNewsNAB’s Anthony Hope on How Banks Are Preparing for the March 2026 Deadline. Australia’s anti-money laundering and counter-terrorism financing legislation is undergoing its first major revision since 2006. Anthony Hope, group head of AML, CTF and fraud risk at NAB, explains what this generational change means for financial institutions. First seen on govinfosecurity.com Jump to…
-
The FFIEC’s Origins and Purpose for Banking Industry
by
in SecurityNewsThe Federal Financial Institutions Examination Council (FFIEC) plays a pivotal role in ensuring the safety, soundness, and efficiency of financial institutions in the United States. Founded in 1979, the FFIEC operates as an interagency regulatory body that sets standards for the examination of financial institutions. This comprehensive guide will explore the council’s origins, structure, responsibilities,……
-
New FamousSparrow Malware Targets Hotels and Engineering Firms with Custom Backdoor
ESET researchers have uncovered new activity from the China-aligned APT group FamousSparrow, revealing two previously undocumented versions of their custom SparrowDoor backdoor. The group, thought to be inactive since 2022, compromised a US-based trade organization in the financial sector and a Mexican research institute in July 2024. The first variant closely resembles the CrowDoor malware…
-
Aussie Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration
by
in SecurityNewsCybersecurity researcher Jeremiah Fowler discovered a data exposure at Australian fintech Vroom by YouX, exposing 27,000 records, including driver’s licenses, bank statements, and more. First seen on hackread.com Jump to article: hackread.com/aussie-fintech-vroom-pii-records-aws-misconfiguration/
-
Cyber insurance isn’t always what it seems
by
in SecurityNewsMany companies think cyber insurance will protect them from financial losses after an attack. But many policies have gaps. Some claims get denied. Others cover less than … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/27/cyber-insurance-ciso/
-
Island Banks $250M in Series E Funding for Enterprise Browser
by
in SecurityNewsThe late-stage startup said the round was led Coatue Management and brings Island’s total external funding to approximately $730 million. The post Island Banks $250M in Series E Funding for Enterprise Browser appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/island-banks-250m-series-e-for-enterprise-browser/
-
Island Banks $250M Series E for Enterprise Browser
by
in SecurityNewsThe late-stage startup said the round was led Coatue Management and brings Island’s total external funding to approximately $730 million. The post Island Banks $250M Series E for Enterprise Browser appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/island-banks-250m-series-e-for-enterprise-browser/
-
China-linked FamousSparrow APT group resurfaces with enhanced capabilities
ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/26/famoussparrow-cyberespionage-attacks-united-states/