For the second time this month The Society for Worldwide Interbank Financial Telecommunication (SWIFT) has introduced new standards including mandatory security requirements for its customers.
SWIFT has introduced a daily reporting system intended to help members of the financial messaging system identify fraudulent payments made over the network.
Details of the attack are still blurry, attackers appear to be using malicious links designed to appeal to users monitoring the evolution of the Bitcoin prices.
To better protect consumer data, banks and insurance companies in New York will soon be required to adhere to new cybersecurity guidelines.
As financial institutions scramble to prevent more attacks like the cyber heists that targeted SWIFT members, a recent report offers additional cause for the sector to improve information sharing practices.
Despite its reduction in volume, Dridex malware is still actively being developed.
The new rules are designed to enhance and clarify existing requirements relating to cybersecurity testing and system safeguards risk analysis.
Wells Fargo Bank was fined $185 million for a five-year long scam that saw bank employees illegally creating fake accounts and email addresses and apply for credit and debit cards to meet sales goals and earn commissions.
In a letter to clients, SWIFT said a fresh wave of attacks had hit other member banks and urged clients to adopt the latest version of its software by November 19.
Paypal users are being lured into clicking on a malicious link embedded in a tweet that appears to come from the financial transaction service.
FireEye researchers dove into the inner workings of the RIPPER ATM malware which they believe allowed a pack of cyberthieves to make off with 12 million baht.
The Democratic senators sent a letter to the White House stressing the importance of developing a "coordinated strategy" to battle cybercrime at financial institutions.
Phishing scams and ransomware attacks may be grabbing the headlines, but for the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.
Security professionals are increasingly concerned by cybersecurity risks that arise as a result of mergers and acquisitions transactions, particularly the use of cyberespionage to gain information on the competition.
Three people have been charged in Switzerland for a global computer fraud scam.
Five suspected cyberthieves have reportedly fled Thailand after allegedly stealing approximately $350,000 in cash from 21 malware-infected ATMs operated by the state-run Government Savings Bank (GSB).
Spending big bucks is not always necessary for corporations to put a decent cybersecurity program in place.
Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.
Capitalizing on Olympics activity, a new version of Zeus Sphinx has been targeting banks in Brazil and Colombia.
If Zeus was the king of banking trojans, then newcomer Scylex is looking to claim Zeus' old perch atop the Mt. Olympus of financial malware.
Roman Valerevich Seleznev, a Russian charged with hacking into servers and global carding forum sites resulting in $170 million in phony credit card purchases, will face a federal jury this week.
Spyware that was recently found to have infiltrated Vietnam Airlines has also embedded itself in the website operations of various Vietnamese institutions, warned cybersecurity firm Bkav, the Vietnam News Agency reported.
A group of four banks in Australia want customers to be able to use the banks' own mobile apps when conducting financial transactions with Apple Pay.
Venture capitalist investments in cybersecurity firms have seen a 235 percent growth rate over the past five years as cyberthreats increase.
A Georgia-based trader pleaded guilty to fraud for involvement in a scheme that gained financial information from embargoed press releases.
All clients of Barclays bank will now be able to verify their banking accounts using voice-recognition technology.
Government service providers will be required to phase out the use of SMS-based two-factor authentication (2FA) as the result of new guidelines from the National Institute of Standards and Technology (NIST).
A third-party provider is being blamed for a possible breach into customer transactions at GunMag Warehouse.
The cybergang behind the Patchwork, aka Dropping Elephant, cyberespionage campaign has expanded its reach outside of government organizations and is now hitting the private sector.
An interim report filed yesterday by the U.S. House Committee on Science, Space and Technology revealed gaping holes in the FDIC's cybersecurity posture and accused the financial institution of withholding documents pertaining to data breaches.
Symantec has spotted a new banking malware that stops a victim from cancelling a compromised payment card by blocking calls from the infected device to the bank's customer service department.
Rapid7 researchers said a flaw discovered financial news platform Seeking Alpha's mobile apps could leak users' PII and confidential information.
ATMs in Taiwan were spewing money over the weekend in what authorities believe were malware-aided thefts.
IBM's X-Force Research team reported that the GootKit banking trojan has recently received a facelift with the malware now being harder to spot and a lighter video-capture module.
The financial messaging cooperative SWIFT announced today that it hired two cybersecurity firms and also created a Customer Security Intelligence team in order to bolster cyber defenses, strengthen forensic investigations and promote information sharing.
Czech security software firm Avast Software agreed to buy AVG Technologies for $1.3 billion in an all-cash transaction.
A former Special Agent involved in the Silk Road investigation is suspected of pilfering $700K in bitcoin - after he pled guilty to the theft of $820K in bitcoin and received a five-year prison sentence.
An Israel-based security firm has issued a warning to fans of the upcoming Olympics to be wary of phony offers.
The actors behind a series of ongoing SMS phishing scams targeting Europe-based Android users have intensified their campaigns and significantly upgraded the credentials-stealing malware that's been infecting their victims.
Yet another bank has been hit via the SWIFT messaging system, this time in Ukraine. This may only be the fifth publically disclosed SWIFT heist, but commentators suggest that there plenty of silent victims
The SEC obtained an emergency court order from a New York court to freeze assets belonging to a UK citizen who allegedly engaged in a sophisticated hacking and market manipulation scheme.
Ethereum, a rival to bitcoin, is under seige after follow-up attacks continue to siphon funds based in the cryptocurrency.
A probe into the cybertheft of $81 million from the account of Bangladesh Bank held at the Federal Reserve Bank of New York is now under way by the U.S. attorney's office.
Users of PayPal are being targeted in a new phishing scheme that steals their credentials.
At one time ridiculed over lax cybersecurity, the federal health insurance exchange site HealthCare.gov scored second-highest out of approximately 1,000 websites in the Online Trust Alliance's eighth annual Trust Audit and Honor Roll.
Gery Shalon and Ziv Orenstein, accused of orchestrating the largest-ever theft of customer data from a U.S. financial institution, were extradited from Israel to the U.S. late last week.
A new version of banking malware includes updates that break tools typically used by security researchers to analyze the Vawtrak trojan.
A new study examines consumer attitudes toward corporate hacking and companies should take heed.
Morgan Stanley agreed to pay a $1 million fine to settle a proceeding launched by the Securities and Exchange Commission's that the financial services giant failed to set up adequate precautions of customer data.
Don't panic, prioritise and plan for EU GDPR - and if you do the right thing for your customer, the chances are you will be compliant and avoid potentially hefty fines for data breach.
The Federal Reserve Bank issued a notice Tuesday telling banks to assess their cybersecurity postures and search for clues of cyberattacks by the group that pulled off an $81 million cyber heist from the Bangladesh Central Bank.
A website belonging to the National Network of Abortion Funds was hacked around April 7.
Five weeks after its official launch, the Canadian Cyber Threat Exchange is already close to selecting an MSP that will manage the group's new cyberthreat intelligence sharing forum, according to a panel session at SC Congress Toronto on Wednesday.
SWIFT CEO Gottfried Leibbrandt said the organization is considering whether it will exclude from its network banks that have demonstrated weak information security.
A House committee is investigating the Federal Reserve Bank of New York's operations related to the cybertheft of $80 million from the Bank of Bangladesh.
A new and more dangerous version of the Dridex banking malware is being used in a new campaign targeting financial institutions, primarily in the United States.
Fifty members of a hacker gang alleged to have created malware used to steal in excess of $25 million from Russian banks have been arrested.
London-based Lloyds Banking Group saw a substantial reduction in the number of cyberattacks against it this year.
Researchers at Anomali detected a new FrameworkPOS campaign that it says is gaining momentum.
Symantec researchers linked a cyber attack on a Philippines bank to the group that stole $81 million from the Bangladesh Central Bank and to the 2014 Sony hack.
Researchers discovered a Russian fake banking application that can evade detection by changing a device's password if the victim tries to remove the app.
Vulnerabilities allow attackers to use an exploit known as the "forbidden attack," affecting dozens of Visa Inc.'s HTTPS-protected websites.
Newer chip-based cards are more difficult for thieves to counterfeit and can combat the vulnerabilities presented by card-skimming strategies.
Senior executives at retail banks are motivated to offer digital services, but are held back by cyber security concerns, according to a new study from Cisco.
SWIFT CEO Gottfried Leibbrandt issued details of the messaging service company's information-sharing strategy.
As many as 100 people are believed to have taken part in a heist of nearly $13 million (USD) from 1,400 cash machines in Japan.
A new government survey shows that U.S. households are growing averse to even the most routine online transactions, due to cyberattacks imperiling users' finances, identities and privacy.
Vietnam's Tien Phong Bank came forward claiming to be the second bank that was attacked with a fake message sent through The Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging system.
The revelation by SWIFT that another bank was victimized using the same MO as that in the Bangladesh bank hack has the security industry believing the SWIFT system is flawed and possibly still vulnerable to another attack.
Point-of-sale (POS) malware is still a clear and present danger, say Proofpoint researchers.
The investigation into the bank heist that cost Bangladesh's central bank $81 million has taken a byzantine turn, as a new report surfaced of multiple hacking groups infiltrating the bank's network.
Two Israeli men accused of securities fraud and hacks into media outlets and nine financial institutions, including JPMorgan Chase, Fidelity Investments and E*Trade Financial Corp., will be extradited to the U.S.
Five major breaches have put at risk taxpayers' PII, the FDIC told Congress on Monday.
Bangladesh Central Bank officials are pinning the blame for an cyberattack that netted $81 million from the financial institution on SWIFT's for incorrectly installing new software.
Arthur Budovsky, operator of an online payment processor popular with cybercriminals, was sentenced to 20 years in prison for money laundering.
Charles Schwab informed some of its customers on May 4 that their accounts were likely accessed by an unauthorized person possibly exposing their names, account information and other financial data.
Gozi banking malware creator Nikita Kuzmin sentenced to time served and a $7 million fine as the U.S. Attorney's office tells judge Kuzmin provided "substantial assistance" to the government.
Marcher Madness continues with a new, stealthier iteration of the Marcher banking malware targeting Android users in Australia.
The financial messaging organization SWIFT has issued a warning to its customers stating its system has undergone repeated attacks similar to those that lead to $81 million from a Bangladesh bank.
The Qatar National Bank is investigating a possible massive data breach with more than 15,000 files, or 1.4GB of data, being compromised.
IBM's X-Force reported today the actors behind the hybrid GozNym banking trojan that stole $4 million from U.S. banks in March have released a new configuration that is targeting European banks.
A report from the Society for Worldwide Interbank Financial Telecommunication (SWIFT) indicates the group was aware that malware was targeting its system when $81 million was stolen from a Bangladesh bank in March.
The two men responsible for the SpyEye banking trojan, used to steal user information from financial institutions, were sentenced to a combined 24-1/2 years in prison.
A teenager turned himself in to police in Staffordshire, U.K., where he was arrested on charges stemming from a breach of internet services provider TalkTalk.
Stoked by headlines announcing major data breaches, the stock valuations of cybersecurity companies outperformed the Nasdaq and S&P 500 by double over the past three years.
The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.
Swedish military servers were used by hackers to launch 2013 attacks against U.S. financial institutions, according to reports.
A variant of the notorious Citadel malware, dubbed Atmos, is targeting financial institutions in France, six months after Citadel's author was imprisoned.
U.S. toy manufacturer Mattel fell victim to a phishing campaign, but was able to recover its money.
Over 18 million user credentials have been found on a server of a Japanese company who let Chinese hackers use it in their attacks.
The organizers of a huge music festival featuring more than 50 acts and slated to start April 30 was totally derailed by an as yet unnamed cyber event forcing the promoters to reschedule the show for later this summer.
Despite new adoptions by RBS and Natwest, even three factor authentication may not be enough to adequately defend online banking against attackers according to experts
A plot to steal up to $1 billion from Bangladesh's central bank by siphoning funds out of its U.S. Federal Reserve account was by and large foiled after a hacker's typo triggered an investigation, Reuters reported.
Income tax scammers are working overtime to separate hard working tax payers from their yearly refund, employing primarily a single tried and true method to complete their attack, phishing.
The Bank of Russia is to double the number of staff in its FinCERT unit, a special division set up to fight cyber-crime in the credit and financial sectors.
Finland's foreign ministry computer network has been infiltrated by spies, foreign minister Erkki Tuomioja has revealed to the media.
Kaspersky noticed an increase in fake emails that claim to be from Amazon online stores offering free gifts.
News reports suggest that both NatWest and its Royal Bank of Scotland parent were hacked by journalists from BBC Radio 4's You and Yours programme.
The financial loss to credit unions affected by the Wendy's data breach uncovered earlier this month appears to be on pace to surpass damages incurred from the high-profile Target and Home Depot breach incidents, according to a report from Krebs on Security.
An advance persistent threat group has recently been concentrating its efforts on infiltrating Japanese critical infrastructure and key commercial interests, according to cybersecurity firm Cylance.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- Education sector bullied by ransomware and can barely defend itself, report
- IoT assault, connected devices increasingly used for DDoS attacks
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- RIG EK rigged to steal tricks from Neutrino in fight to fill Angler's void
- SWIFT adds additional protective measures for members to ensure cybersecurity compliance
- 185M incidents bypassed perimeter defenses - report
- Pagers found leaking patient health information
- OVH suffers massive 1.1Tbps DDoS attack