A pair of security firms observed an uptick in Dyre infections with new variants exploiting a vulnerability already patched by Microsoft.
NYSE began rolling out a software release, causing communication issues between customer gateways and trading units.
Reports indicated that trading in New York came to a half a little after 11:30 a.m.
Mobile malware jumped 6.4 percent from Q4 2015 to Q1 2015 with half of the malware being financially motivated, a G DATA study showed.
In the year following Gameover Zeus takedown efforts, Dyre has steadily emerged as the financial trojan of choice among cybercriminals.
Researchers with Websense said attackers target the financial services sector more than other industries for a simple reason: money.
A Turkish man accused of stealing nearly $60 million in ATM heists and cyber attacks will be extradited to the U.S. after a custody battle.
Europol arrested a total of 49 suspects Tuesday as the result of a joint investigation into a cybercrime gang that defrauded victims out of six million euro.
A New York man was robbed at gunpoint for $1,100 worth of Bitcoin in a Craigslist deal gone bad.
International law enforcement, with the help of security firm Group-IB, arrested alleged members of the criminal group in late May.
There's been quite a bit of lip service paid to the ages-old concept of information sharing, says Illena Armstrong, VP, editorial, SC Magazine..
Italian Financial Police picked up more than 10 people who were purportedly part of an international criminal organization that laundered money from online scams.
Former GCHQ director Sir Iain Lobban will be joining London-based Standard Chartered bank to prevent cybercrime.
An SEC commissioner's chief of staff and shareholder advocacy expert discussed complex disclosure expectations among investors.
The New York State Department of Financial Services issued an update on cyber security in the banking sector with concern to third-party service providers.
Trend Micro warns that the threat could spread, as the sole perpetrator of the attacks is selling the malware.
The malware, which is still spread through phishing emails, is now in its third iteration, Kaspersky Lab researchers revealed.
Trend Micro believes that point-of-sale malware attackers will increasingly target travelers.
Russian authorities have ramped up efforts to locate criminals spreading ATM malware Tyupkin.
Sarah Dahlgren, the New York Fed's head of supervision, announced that the bank had created a team dedicated to cybersecurity.
In this campaign, the banking trojan, also known as Vawtrak, was spread via drive-by download.
Members of the U.S. House of Representatives have announced that they have joined together to form a bipartisan caucus to investigate payment technologies.
The variant takes new measures to avoid VM detection, PhishMe researchers found
But the U.S. still remains the top country in detections, a Symantec report found.
Experts debate whether the financial industry has a leg up in terms of their cybersecurity strategy when compared to other industries.
Trend Micro says attacks, where signed POS malware was used, are tied to the APT group Carbanak.
Neverquest, also known as Vawtrak, is data stealing malware that targets banking information.
Three researchers with the University of Luxembourg have generated a method to expose Bitcoin users that has the potential to work more than half of the time.
PricewaterhouseCoopers surveyed more than 700 financial service companies and found that they plan to bulk up their cybersecurity efforts in the coming years.
One-time passwords (OTPs) sent via SMS are increasingly the target of Android malware, the report by Javelin revealed.
Trend Micro detailed the variant and attackers' delivery techniques.
FS-ISAC teamed up with the Depository Trust & Clearing Corp on the Soltra Edge platform which will deliver information on breaches and threats to the financial sector.
Robert Dubuc hacked into various financial accounts and used them to divest money to other accounts and buy pre-paid debit cards.
Lamar Taylor was sentenced in New Jersey this past week for allegedly participating in a cybercrime scheme that accounted for more than $15 million.
The settlement brings some resolve to the 2012 breach, where the bank lost unencrypted backup tapes.
The Corporate Challenge site was one of many avenues tested by persistent attackers, reports reveal.
Fidelity claims, however, that no customer data appears to have been stolen.
MBIA says clients of its subsidiary, Cutwater Asset Management, were impacted.
The malware allowed criminals, with physical access to ATMs, to steal millions, Kaspersky revealed.
As the extent of the Chase breach surfaces, experts urge financial institutions to prepare for continued attacks or face impending consequences.
A Consumer Financial Protection Bureau campaign to curb deceptive banking activities has resulted in U.S. Bank being ordered to refund $48 million.
In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.
The suspect, Godswill Oyegwa Uyoyou, conspired with others to hack bank systems and divert 6.28 billion Naira to mule accounts.
This summer's attack on the bank's network might have helped hackers detect subtle vulnerabilities they could exploit in the future.
The "Cybersecurity: Protecting the Payments Systems" summit will encourage coordination between all cybersecurity and industry entities.
Android devices in Korea have primarily been impacted by the malware.
Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.
More than 12,000 messages have been sent to more than 400 companies as part of a phishing campaign targeting users of Bitcoin wallet Blockchain.info.
The National Bureau of Investigation (NBI) warned that the incident showcases the growing incidence of ATM skimming fraud.
The guidance is meant to help merchants and third parties better understand their roles and responsibilities in the payment security ecosystem.
Two hackers demonstrated how device vulnerabilities could allow attackers to access sensitive card data using multiple attack vectors.
Trusteer, an IBM company, said the new Citadel configuration was detected this month.
Symantec researchers found a new variant of the banking trojan.
On Tuesday, Trend Micro released a report detailing Operation Emmental, which targets victims in Austria, Switzerland, Sweden and Japan.
Bloomberg revealed that hackers used two zero-day flaws to breach NASDAQ's servers in 2010.
On Wednesday, Symantec released details on the malware's developed features.
Trusteer, an IBM company, revealed details on the bolware variants, which employ new tactics to manipulate web pages used for Boletos transactions.
Australia-based Bitcoins Reserve lost more than $62,000 after phishers began targeting bidders interested in the auction of 30,000 Bitcoins confiscated in the Silk Road takedown.
RSA has revealed the extent of bolware attacks in the country, which have remained a pervasive issue in the financial sector.
A point-of-sale and security systems vendor is notifying its customers, some of which are big restaurant chains, that its remote access service was breached.
The new Zeus variant employs AES-128 encryption as opposed to the older RC4 cipher used by other Zeus iterations.
Researchers with PhishLabs analyzed nearly 9,000 phishing kits and learned that financial groups and social networks are most targeted.
So far, the new variant has targeted 14 major banks in the country, Trusteer found.
After accessing operator mode on an ATM, two ninth graders in Canada promptly notified the machine's owner, the Bank of Montreal.
Chip technology can prevent criminals from producing counterfeit credit cards.
Researchers with IntelCrawler have uncovered "Nemanja," a point-of-sale malware that has infected nearly 1,500 devices and has compromised close to half a million payment cards.
Anyone needing cash in Poland soon will have access to ATMs that feature biometric security.
PhishLabs estimates that as many as 400 payment cards per day are compromised through the "vishing" attacks.
Nine men were sentenced this week, with the group's leader getting five-and-a-half years.
The bank also oversaw last year's "Waking Shark II" simulated cyber attacks throughout London.
According to the U.S. Government Accountability Office (GAO), SEC, among other lapses, failed to adequately oversee a contractor, which migrated its financial system to a new data center.
Disruption is expected; financial crime should be, too.
Jamie Dimon wrote that the bank will have spent more than $250 million annually by the end of the year on cyber security and faces increasingly complex and more dangerous" attacks.
The Federal Financial Institutions Examination Council (FFIEC) notified the industry on Wednesday.
Cryptocurrency mining malware has been discovered on DVRs that record footage taken by surveillance cameras.
The men, who are New York and Massachusetts residents, led "cash out" operations for an international scheme.
Coinbase responded to a researcher's claims that the San Francisco-based Bitcoin exchange is vulnerable to information disclosure, user enumeration, and lack of rate limitation for sending money requests.
Poor sales and a drop in income in the wake of a high-profile breach prompt Standards & Poor to downgrade Target's credit rating one level.
In a paper released on Wednesday, Swiss researchers suggest the transaction malleability Bitcoin flaw did not ruin Mt. Gox, despite what the Tokyo-based company announced.
At least two apps have been discovered on the official Google Play store that mine for cryptocurrencies, but overheating mobile devices and decreased performance may tip off Android users.
Similar to building a multi-layer security strategy for a business, before deciding what security controls should be implemented to protect Bitcoin transactions, we first need to identify the targets.
Criminals are using SMS messages to get cash out of ATMs, according to Symantec.
About 200,000 Mt. Gox Bitcoins have been recovered in an obsolete old-format wallet, bringing the total amount of the virtual currency allegedly pilfered down to 650,000 Bitcoins.
Researchers with FireEye have identified two phishing campaigns involving a remote administration tool known as WinSpy, that also comes packaged with an Android component known as GimmeRAT.
Three men on their way to scoring more than $15 million in a cyber crime scheme instead scored formal charges in New Jersey District Court for their alleged roles in the international conspiracy, according to an indictment.
Mt. Gox bankruptcy documents filed in the U.S. on Sunday refer to a Bitcoin flaw known as transaction malleability, which may have caused the Tokyo-based company to lose half a billion dollars in the virtual currency.
Massive distributed denial-of-service attacks plagued Mt. Gox in early February, not long before the former world's biggest Bitcoin exchange was hit by an alleged separate attack that bankrupted the company, according to a report.
Android users are tricked into installing a spurious "security" app, which allows fraudsters to bypass one-time password authentication for online banking.
An attempted intrusion is still being investigated, but Texas-based Sally Beauty has no evidence to suggest that 282,000 payment cards found in an online underground crime market were pilfered from the worldwide retailer.
On the same day that an attacker stole 896 bitcoins from Bitcoin bank Flexcoin, an individual allegedly posted the Mt. Gox code on Pastebin.
We've all been breached, but there are steps we can take to evolve the system, says security strategist Dan Srebnick.
From October 2012 to February 2013, Lauri Love allegedly worked with other hackers to steal and publicly distribute personal information housed on the Federal Reserve network.
Mt. Gox announced on Friday that it has filed for bankruptcy protection in Japan after hackers took advantage of weaknesses in its computer systems to purloin hundreds of thousands of bitcoins.
YouTube's ad network was compromised to host the Styx exploit kit, researchers found.
The malware is based on the leaked code of Zeus and RAM-scraping malware.
Officials are investigating an 11-minute video posted on YouTube that shows new information attackers may have obtained after hacking websites and internal systems belonging to Las Vegas Sands Corp.
The associations will explore options for improved information sharing and implementation of card security technology.
CERT Polska researchers have observed attackers using DNS redirection attacks - made possible due to vulnerabilities in home routers - to effectively access online banking accounts in Poland.
The San Francisco Airport - South San Francisco Embassy Suites hotel is notifying an undisclosed number of guests that their payment card information may be at risk after skimming devices were discovered on two computers.
At least 4,500 payment cards have been compromised in the United States and Canada by a new point-of-sale malware, JackPOS, that is based on Alina, according to researchers with cyber intelligence company IntelCrawler.
Sign up to our newsletters
SC Magazine Articles
- Free security tools help detect Hacking Team malware
- Zero-day in Fiat Chrysler feature allows remote control of vehicles
- Study: Half of critical infrastructure IT professionals believe major attack looming
- Fake games in Google Play redirect Android users to porn sites
- PNI Digital Media investigates potential credit card 'issue' as more photo center websites go down
- 'GSMem' malware designed to infiltrate air-gapped computers, steal data
- Critical Android bugs can be exploited via MMS, 950M users affected
- Breach affects 3,000 clients enrolled in Georgia state program
- Top of the app charts - Shuabang: automated malware made in China
- Federal appeals court rules no expectation of privacy for preventable 'butt dials'