Government service providers will be required to phase out the use of SMS-based two-factor authentication (2FA) as the result of new guidelines from the National Institute of Standards and Technology (NIST).
A third-party provider is being blamed for a possible breach into customer transactions at GunMag Warehouse.
An interim report filed yesterday by the U.S. House Committee on Science, Space and Technology revealed gaping holes in the FDIC's cybersecurity posture and accused the financial institution of withholding documents pertaining to data breaches.
Rapid7 researchers said a flaw discovered financial news platform Seeking Alpha's mobile apps could leak users' PII and confidential information.
ATMs in Taiwan were spewing money over the weekend in what authorities believe were malware-aided thefts.
The financial messaging cooperative SWIFT announced today that it hired two cybersecurity firms and also created a Customer Security Intelligence team in order to bolster cyber defenses, strengthen forensic investigations and promote information sharing.
Czech security software firm Avast Software agreed to buy AVG Technologies for $1.3 billion in an all-cash transaction.
A former Special Agent involved in the Silk Road investigation is suspected of pilfering $700K in bitcoin - after he pled guilty to the theft of $820K in bitcoin and received a five-year prison sentence.
An Israel-based security firm has issued a warning to fans of the upcoming Olympics to be wary of phony offers.
The actors behind a series of ongoing SMS phishing scams targeting Europe-based Android users have intensified their campaigns and significantly upgraded the credentials-stealing malware that's been infecting their victims.
The SEC obtained an emergency court order from a New York court to freeze assets belonging to a UK citizen who allegedly engaged in a sophisticated hacking and market manipulation scheme.
Ethereum, a rival to bitcoin, is under seige after follow-up attacks continue to siphon funds based in the cryptocurrency.
A probe into the cybertheft of $81 million from the account of Bangladesh Bank held at the Federal Reserve Bank of New York is now under way by the U.S. attorney's office.
Users of PayPal are being targeted in a new phishing scheme that steals their credentials.
At one time ridiculed over lax cybersecurity, the federal health insurance exchange site HealthCare.gov scored second-highest out of approximately 1,000 websites in the Online Trust Alliance's eighth annual Trust Audit and Honor Roll.
Gery Shalon and Ziv Orenstein, accused of orchestrating the largest-ever theft of customer data from a U.S. financial institution, were extradited from Israel to the U.S. late last week.
A new version of banking malware includes updates that break tools typically used by security researchers to analyze the Vawtrak trojan.
Morgan Stanley agreed to pay a $1 million fine to settle a proceeding launched by the Securities and Exchange Commission's that the financial services giant failed to set up adequate precautions of customer data.
A website belonging to the National Network of Abortion Funds was hacked around April 7.
Five weeks after its official launch, the Canadian Cyber Threat Exchange is already close to selecting an MSP that will manage the group's new cyberthreat intelligence sharing forum, according to a panel session at SC Congress Toronto on Wednesday.
SWIFT CEO Gottfried Leibbrandt said the organization is considering whether it will exclude from its network banks that have demonstrated weak information security.
A House committee is investigating the Federal Reserve Bank of New York's operations related to the cybertheft of $80 million from the Bank of Bangladesh.
A new and more dangerous version of the Dridex banking malware is being used in a new campaign targeting financial institutions, primarily in the United States.
Fifty members of a hacker gang alleged to have created malware used to steal in excess of $25 million from Russian banks have been arrested.
London-based Lloyds Banking Group saw a substantial reduction in the number of cyberattacks against it this year.
Researchers at Anomali detected a new FrameworkPOS campaign that it says is gaining momentum.
Researchers discovered a Russian fake banking application that can evade detection by changing a device's password if the victim tries to remove the app.
Vulnerabilities allow attackers to use an exploit known as the "forbidden attack," affecting dozens of Visa Inc.'s HTTPS-protected websites.
Newer chip-based cards are more difficult for thieves to counterfeit and can combat the vulnerabilities presented by card-skimming strategies.
Senior executives at retail banks are motivated to offer digital services, but are held back by cyber security concerns, according to a new study from Cisco.
SWIFT CEO Gottfried Leibbrandt issued details of the messaging service company's information-sharing strategy.
As many as 100 people are believed to have taken part in a heist of nearly $13 million (USD) from 1,400 cash machines in Japan.
A new government survey shows that U.S. households are growing averse to even the most routine online transactions, due to cyberattacks imperiling users' finances, identities and privacy.
The revelation by SWIFT that another bank was victimized using the same MO as that in the Bangladesh bank hack has the security industry believing the SWIFT system is flawed and possibly still vulnerable to another attack.
Point-of-sale (POS) malware is still a clear and present danger, say Proofpoint researchers.
The investigation into the bank heist that cost Bangladesh's central bank $81 million has taken a byzantine turn, as a new report surfaced of multiple hacking groups infiltrating the bank's network.
Two Israeli men accused of securities fraud and hacks into media outlets and nine financial institutions, including JPMorgan Chase, Fidelity Investments and E*Trade Financial Corp., will be extradited to the U.S.
Five major breaches have put at risk taxpayers' PII, the FDIC told Congress on Monday.
Bangladesh Central Bank officials are pinning the blame for an cyberattack that netted $81 million from the financial institution on SWIFT's for incorrectly installing new software.
Arthur Budovsky, operator of an online payment processor popular with cybercriminals, was sentenced to 20 years in prison for money laundering.
Charles Schwab informed some of its customers on May 4 that their accounts were likely accessed by an unauthorized person possibly exposing their names, account information and other financial data.
Gozi banking malware creator Nikita Kuzmin sentenced to time served and a $7 million fine as the U.S. Attorney's office tells judge Kuzmin provided "substantial assistance" to the government.
Marcher Madness continues with a new, stealthier iteration of the Marcher banking malware targeting Android users in Australia.
The financial messaging organization SWIFT has issued a warning to its customers stating its system has undergone repeated attacks similar to those that lead to $81 million from a Bangladesh bank.
A teenager turned himself in to police in Staffordshire, U.K., where he was arrested on charges stemming from a breach of internet services provider TalkTalk.
Stoked by headlines announcing major data breaches, the stock valuations of cybersecurity companies outperformed the Nasdaq and S&P 500 by double over the past three years.
The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.
Swedish military servers were used by hackers to launch 2013 attacks against U.S. financial institutions, according to reports.
A variant of the notorious Citadel malware, dubbed Atmos, is targeting financial institutions in France, six months after Citadel's author was imprisoned.
U.S. toy manufacturer Mattel fell victim to a phishing campaign, but was able to recover its money.
The organizers of a huge music festival featuring more than 50 acts and slated to start April 30 was totally derailed by an as yet unnamed cyber event forcing the promoters to reschedule the show for later this summer.
Despite new adoptions by RBS and Natwest, even three factor authentication may not be enough to adequately defend online banking against attackers according to experts
A plot to steal up to $1 billion from Bangladesh's central bank by siphoning funds out of its U.S. Federal Reserve account was by and large foiled after a hacker's typo triggered an investigation, Reuters reported.
The Bank of Russia is to double the number of staff in its FinCERT unit, a special division set up to fight cyber-crime in the credit and financial sectors.
Finland's foreign ministry computer network has been infiltrated by spies, foreign minister Erkki Tuomioja has revealed to the media.
Kaspersky noticed an increase in fake emails that claim to be from Amazon online stores offering free gifts.
News reports suggest that both NatWest and its Royal Bank of Scotland parent were hacked by journalists from BBC Radio 4's You and Yours programme.
The financial loss to credit unions affected by the Wendy's data breach uncovered earlier this month appears to be on pace to surpass damages incurred from the high-profile Target and Home Depot breach incidents, according to a report from Krebs on Security.
An advance persistent threat group has recently been concentrating its efforts on infiltrating Japanese critical infrastructure and key commercial interests, according to cybersecurity firm Cylance.
A new survey of U.S. payment service providers revealed that approximately 37 percent of retailers were ready to process EMV payments by Feb. 1, 2016.
A Russian-language banking Trojan has been found manipulating the ruble-dollar exchange rate
Kaspersky has confirmed the return of Carbanak as Carbanak 2.0 and uncovered two more groups working in the same style: Metel and GCMAN.
The feared Dyre banking Trojan has been almost killed off, following a reported raid by the Russian authorities on a Moscow film distribution company last November.
Kaspersky Lab revealed that cybercrime organizations are increasingly stealing funds from banks by employing many of same Advanced Persistent Threat tools and tactics that previously were only attributable to nation-states.
FireEye Inc. acquired Invotas International Corp., a cybersecurity company that focuses on security automation and orchestration.
Bank of America, Wells Fargo and JPMorgan Chase have announced plans to roll out ATMs that take smartphones as well as ATM cards.
HSBC UK this morning was the target of a DDoS attack that flooded the financial institution's systems with manufactured traffic, much to the dismay of online banking customers who were unable to access and manage their accounts.
The roll out of the EMV cards last fall was expected to bring a new level of data security to American consumers and retailers, but depending upon whom one speaks the cards have either been a boon or a bust.
Michael Stepankin, also known as Artsploit, has disclosed a major vulnerability in PayPal's business site, allowing remote code execution.
Businesses are expanding their use of forensic data analytics (FDA) to investigate and combat fraud, especially as fears of cyberattacks and internal data threats spike, according to an Ernst & Young report.
Respondents to a new survey from FICO unanimously agreed: Data breaches this year in other industries will damage financial institutions.
What was once a low-threat, basic spyware trojan has evolved into very powerful banking malware capable of giving hackers near-total control over one's Android device, warned Kaspersky Lab yesterday.
A crude but dangerous email-based social engineering scam has been targeting small-to-medium-size businesses in the U.S., U.K. and India since early 2015, the Symantec Security Response blog warned today.
F5 Networks has found a variation of the financial trojan Tinba in the wild which is now going after banks in Asia. It's been dubbed Tinbapore in recognition of its origins.
HSBC bank is informing some of its customers that their personal information, including Social Security and various bank account numbers, may have been exposed to a third party.
Symantec is investigating a pump and dump stock spam campaign that used the long-lived W.32 Waledac botnet to target a marijuana farming company possibly generating thousands in illegal profits.
The cyber-extortionist gang DD4BC has reportedly suffered a blow as one of the group's key members was arrested and another detained this week in a worldwide crackdown.
The recently discovered mobile-banking trojan SlemBunk is proving more resilient than first thought and is actively being used in several on-going campaigns.
Well over half (60 percent) of US and 52 percent of UK enterprises feel that an attack on payment card data is likely or more than likely.
Europol has announced the takedown of an international criminal group believed to be behind a series of ATM malware attacks dating back to at least 2014.
Security you can bank on? Not quite, according to inquiries by Mike Kemp, co-founder of Xiphos Research, who found that outdated SSL security is the norm.
The Quincy Credit Union may have had up to 700 customers victimized by an ATM skimming scam that took place earlier this month.
Ukrainian national Viktor Chostak will face charges related to a 25-count indictment in a Charlotte, NC federal court after being extradited from Poland.
A former financial adviser at Morgan Stanley received a sentence of three year's probation for his illegal accessing of the firm's confidential client data.
Customers of HSBC are being sent phony emails "warning" them their account is locked.
Passwords have been reset for a number of Gyft users as a precaution after account data was reported for sale.
The mysterious founder of bitcoin may have been unmasked following a tip-off from a security researcher and an investigation by two separate media outlets.
Many industry personnel are not assigned unique login and password details resulting in the risk of customer's personal and financial data.
An ESET survey on online banking habits found that Americans could be more secure with our online banking.
Moody's will begin to place more weight on considerations related to cyber risks when issuing credit ratings, the agency announced in a report.
New online educational tools to assist bank executives in defending against cybercrime have been added to the website of the FDIC.
The EU is looking to crack down on anonymous currency exchanges that could be used by terrorist.
In an environment in which cyber professionals are overwhelmed by rapidly changing security threats, industry pros generally agree that a remediation plan must involve difficult decisions about the security issues that companies are willing to accept the risk rather than take action.
A new variant of the notorious banking trojan Dyreza has been detected by researchers at Heimdal Security.
It's not the chip cards themselves but the slow adoption of the platform in the U.S. that is leaving consumers vulnerable to credit card fraud, an FBI representative said recently.
FireEye CEO blames losses on China cybertreaty, competitors dispute drop in China's hacking activities
Publicly listed FireEye Inc. missed its projected quarterly earnings and during an earnings call CEO Dave DeWalt attributed the disappointing results in part to the U.S.-China cybertreaty announced during Chinese President Xi Jinping's U.S. visit in September.
Regulatory agencies in the U.S. are increasingly concerned by ransomware attacks against financial institutions. The Federal Financial Institutions Examination Council (FFIEC) published a statement warning financial institutions of an uptick in the "frequency and severity of cyber attacks involving extortion."
JPMorgan Chase & Co.'s CSO Jim Cummings reportedly was reassigned to a new position within the bank following the company's major data breach this past year.
Banks are warning Apple Pay users against storing other people's fingerprints on their iPhones, with a threat that would void terms & conditions agreements.
A new ATM will be able to grant customers permission to withdraw money through a scan of their irises or a QR code on their smartphones.
SC Magazine Articles
- WhatsApp in the spotlight after Turkey publishes messages of coup officers
- Trump's Russian interests and Guccifer 2.0
- Russian hackers take the stage at DNC convention
- Proliferation of hacker culture helped keep Anonymous from being branded terrorist org
- 2.3 million 'Warframe,' 'Clash of Kings' accounts compromised
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Microsoft warns of new, self-propagating ransomware in the wild