Tag: finance
-
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
by
in SecurityNewsGovernment agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077.The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft…
-
ISMG Editors: China-Linked Espionage Targets U.S. Telecoms
by
in SecurityNewsAlso: Highlights from ISMG’s Financial Services Summit and Key Insights on AI Adoption. On the 200th episode of the ISMG Editors’ Panel, the team discussed the major China-linked cyberespionage campaign targeting U.S. telecommunications, highlighted key insights from ISMG’s Financial Services Summit in New York, and unpacked the top findings from ISMG’s annual Generative AI Survey.…
-
240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft
by
in SecurityNewsMicrosoft’s Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by Egypt-based cybercriminal Abanoub Nady, known online as >>MRxC0DER.>do-it-yourself>ONNX
-
DOJ Takes Down Global Cybercrime Hub PopeyeTools, Seizes Cryptocurrency
by
in SecurityNewsThe U.S. Department of Justice has announced the seizure of the PopeyeTools website, a notorious cybercrime website that facilitated the trafficking of stolen financial information and tools for committing fraud. Along with this major takedown, criminal charges have been filed against three administrators of the site: Abdul Ghaffar, 25, of Pakistan; Abdul Sami, 35, of…
-
Microsoft seizes websites tied to Egypt-based DIY phishing kit-maker
by
in SecurityNewsThe kits, which the company said were a sophisticated approach to bypassing multifactor authentication, pose a particular threat to the financial services sector. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-websites-tied-to-egypt-based-diy-phishing-kit-maker/
-
Financial Software Firm Finastra Investigating Data Breach
by
in SecurityNewsFinastra is investigating a data breach after a hacker claimed the theft of information from an internal file-transfer application. The post Financial Software Firm Finastra Investigating Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/financial-software-firm-finastra-investigating-data-breach/
-
North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs
by
in SecurityNewsThreat actors with ties to the Democratic People’s Republic of Korea (DPRK) are impersonating U.S.-based software and technology consulting businesses in order to further their financial objectives as part of a broader information technology (IT) worker scheme.”Front companies, often based in China, Russia, Southeast Asia, and Africa, play a key role in masking the workers’…
-
>>Ghost Tap<< Emerges: Cybercriminals Exploit NFC Relay for Contactless Cash-Outs
by
in SecurityNewsThreatFabric reveals a new tactic allowing fraudsters to anonymously drain stolen credit cards linked to mobile wallets. A new and concerning trend in financial cybercrime has surfaced, dubbed >>Ghost Tap
-
Fintech Finastra Confirms Data Theft; Investigation Underway
by
in SecurityNewsCompany Probing Customers Affected After Attacker Claims 400 Gigabyte Data Theft. Financial technology firm Finastra is warning customers that it suffered a breach of a secure file transfer system that it uses to relay information to some customers, leading to an unknown quantity of data being exfiltrated by an attacker. The company is still identifying…
-
Rekoobe Backdoor In Open Directories Possibly Attacking TradingView Users
by
in SecurityNewsAPT31, using the Rekoobe backdoor, has been observed targeting TradingView, a popular financial platform, as researchers discovered malicious domains mimicking TradingView, suggesting a potential interest in compromising the platform’s user community. By analyzing shared SSH keys, investigators identified additional infrastructure linked to this campaign and another open directory, highlighting the evolving tactics employed by APT31…
-
Fintech giant Finastra confirms it’s investigating a data breach
by
in SecurityNewsAn incident disclosure shared with Finastra’s banking and financial customers confirms a hacker stole files from a company system. First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/20/fintech-giant-finastra-confirms-its-investigating-a-data-breach/
-
5-Star Fraud: The FTC’s Ban on Fake Reviews
by
in SecurityNewsThe FTC’s new rule takes aim at the rising threat of fake reviews, especially those generated by bots, which can manipulate consumer trust and distort competition. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/5-star-fraud-the-ftcs-ban-on-fake-reviews/
-
AWS, Sheltered Harbor partner for financial sector cyber resilience
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/aws-sheltered-harbor-partner-for-financial-sector-cyber-resilience
-
Fraud Awareness Week: How to Effectively Protect Your Data and Combat Fraudsters
by
in SecurityNews
Tags: access, ai, api, attack, authentication, awareness, business, cloud, communications, compliance, control, credentials, crime, data, defense, detection, encryption, exploit, finance, fraud, Hardware, iam, international, mfa, mobile, office, PCI, privacy, regulation, risk, service, software, strategy, technology, threat, vulnerabilityFraud Awareness Week: How to Effectively Protect Your Data and Combat Fraudsters madhav Tue, 11/19/2024 – 05:28 International Fraud Awareness Week (November 17-23) is a critical time to consider the significant risks that fraud poses to individuals and organizations. Thanks to AI, fraud attempts and successful attacks are alarmingly common and more advanced, with many…
-
The Stealthy Success of Passkeys
by
in SecurityNewsIt’s interesting to note that many people will happily unlock their phone by just looking at it and have no problem tapping their bank card against a store’s point of sale terminal, but if the term password security is presented to them, they have a blank expression, or worse, shrink away. Why are some technologies…
-
FTC Records 50% Drop in Nuisance Calls Since 2021
by
in SecurityNewsThe US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ftc-records-50-drop-nuisance-calls/
-
Increased GDPR Enforcement Highlights the Need for Data Security
by
in SecurityNewsGDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protection has never been more critical. With regulators around the world intensifying scrutiny, companies are facing increasing pressure to comply with stringent data protection laws. The latest…
-
Clever PayPal-based Attack
by
in SecurityNewsDo not call that number! This attack is brilliant. It uses a legitimate PayPal email message about a bogus payment to trick you into phoning a bogus PayPal phone number. I have received several of them this week with various names for the company sending the money request. Different emails contain different subjects and different……
-
FTC reports 50% drop in unwanted call complaints since 2021
by
in SecurityNewsOn Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dropped over 50% since 2021, continuing a trend that started three years ago. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ftc-reports-50-percent-drop-in-unwanted-call-complaints-since-2021/
-
Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia
by
in SecurityNewsA Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer.The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,” First seen on…
-
What is Digital Lending Application (DLA) Audit?
by
in SecurityNewsDigital lending has emerged as a game-changer, reshaping the borrowing experience with unprecedented speed, convenience, and accessibility. Gone are the days of endless paperwork and prolonged waiting times”, now, individuals can secure loans within minutes from the comfort of their homes. However, as financial transactions shift to digital platforms, the importance of adhering to compliance…
-
Critical vulnerabilities persist in high-risk sectors
by
in SecurityNewsFinance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/15/finance-industry-vulnerabilities/
-
The Magic ITAM Formula for Navigating Oracle Java Licensing
by
in SecurityNewsIT asset managers have their hands full when they’re trying to strike the best path forward for their companies’ use of Java. Finance leaders at many companies are turning to ITAM professionals and asking them to reduce the cost of Java with a magic ITAM formula. Azul Vice President of Worldwide Channel Sales Simon Taylor……
-
Bank of England U-turns on Vulnerability Disclosure Rules
by
in SecurityNewsThe UK’s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bank-england-uturns-vulnerability/