Lost devices leading cause of data breaches, report

Lost devices leading cause of data breaches, report

Phishing scams and ransomware attacks may be grabbing the headlines, but for the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.

M&A deals bring added cybersecurity risks

M&A deals bring added cybersecurity risks

Security professionals are increasingly concerned by cybersecurity risks that arise as a result of mergers and acquisitions transactions, particularly the use of cyberespionage to gain information on the competition.

Three indicted in Switzerland for phishing scam

Three indicted in Switzerland for phishing scam

Three people have been charged in Switzerland for a global computer fraud scam.

Report: ATM hackers flee Thailand after stealing $350,000 from state-run bank

Report: ATM hackers flee Thailand after stealing $350,000 from state-run bank

Five suspected cyberthieves have reportedly fled Thailand after allegedly stealing approximately $350,000 in cash from 21 malware-infected ATMs operated by the state-run Government Savings Bank (GSB).

GozNym malware is proficient in German, new malicious campaign proves

GozNym malware is proficient in German, new malicious campaign proves

Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.

New Zeus Sphinx banking trojan hitting Brazil

New Zeus Sphinx banking trojan hitting Brazil

Capitalizing on Olympics activity, a new version of Zeus Sphinx has been targeting banks in Brazil and Colombia.

New Scylex financial crimeware strives to be the next Zeus

New Scylex financial crimeware strives to be the next Zeus

If Zeus was the king of banking trojans, then newcomer Scylex is looking to claim Zeus' old perch atop the Mt. Olympus of financial malware.

Jury selection in Seattle for Russian hacker charged with credit card fraud

Jury selection in Seattle for Russian hacker charged with credit card fraud

Roman Valerevich Seleznev, a Russian charged with hacking into servers and global carding forum sites resulting in $170 million in phony credit card purchases, will face a federal jury this week.

Report: Spyware used to dox Vietnam Airlines is lurking in other Vietnamese institutions

Report: Spyware used to dox Vietnam Airlines is lurking in other Vietnamese institutions

Spyware that was recently found to have infiltrated Vietnam Airlines has also embedded itself in the website operations of various Vietnamese institutions, warned cybersecurity firm Bkav, the Vietnam News Agency reported.

Four Australian banks seek Apple tech for mobile transactions, Apple says no

Four Australian banks seek Apple tech for mobile transactions, Apple says no

A group of four banks in Australia want customers to be able to use the banks' own mobile apps when conducting financial transactions with Apple Pay.

Investment in cybersecurity strong as cyberthreats increase

Investment in cybersecurity strong as cyberthreats increase

Venture capitalist investments in cybersecurity firms have seen a 235 percent growth rate over the past five years as cyberthreats increase.

Trader pleads guilty in newswire hacking scheme

A Georgia-based trader pleaded guilty to fraud for involvement in a scheme that gained financial information from embargoed press releases.

Barclays rolls out voice recognition security

Barclays rolls out voice recognition security

All clients of Barclays bank will now be able to verify their banking accounts using voice-recognition technology.

Feds nix SMS-based 2FA

Feds nix SMS-based 2FA

Government service providers will be required to phase out the use of SMS-based two-factor authentication (2FA) as the result of new guidelines from the National Institute of Standards and Technology (NIST).

Possible breach at GunMag Warehouse

Possible breach at GunMag Warehouse

A third-party provider is being blamed for a possible breach into customer transactions at GunMag Warehouse.

House committee grills FDIC after report details history of data breach cover-ups

House committee grills FDIC after report details history of data breach cover-ups

An interim report filed yesterday by the U.S. House Committee on Science, Space and Technology revealed gaping holes in the FDIC's cybersecurity posture and accused the financial institution of withholding documents pertaining to data breaches.

Rapid7 researchers: Flaw found in Seeking Alpha financial news app could leak info

Rapid7 researchers: Flaw found in Seeking Alpha financial news app could leak info

Rapid7 researchers said a flaw discovered financial news platform Seeking Alpha's mobile apps could leak users' PII and confidential information.

Malware suspected in ATM heist in Taiwan

Malware suspected in ATM heist in Taiwan

ATMs in Taiwan were spewing money over the weekend in what authorities believe were malware-aided thefts.

SWIFT hires two cybersecurity firms in wake of digital heists

SWIFT hires two cybersecurity firms in wake of digital heists

The financial messaging cooperative SWIFT announced today that it hired two cybersecurity firms and also created a Customer Security Intelligence team in order to bolster cyber defenses, strengthen forensic investigations and promote information sharing.

Avast's $1.3B AVG deal signals move toward SMBs and IoT

Avast's $1.3B AVG deal signals move toward SMBs and IoT

Czech security software firm Avast Software agreed to buy AVG Technologies for $1.3 billion in an all-cash transaction.

Silk Road fed accused of stealing bitcoin, again

Silk Road fed accused of stealing bitcoin, again

A former Special Agent involved in the Silk Road investigation is suspected of pilfering $700K in bitcoin - after he pled guilty to the theft of $820K in bitcoin and received a five-year prison sentence.

Spike in cyberattacks expected to exploit upcoming Olympics, report

Spike in cyberattacks expected to exploit upcoming Olympics, report

An Israel-based security firm has issued a warning to fans of the upcoming Olympics to be wary of phony offers.

European smishing campaign steps up tactics, strengthens malware

European smishing campaign steps up tactics, strengthens malware

The actors behind a series of ongoing SMS phishing scams targeting Europe-based Android users have intensified their campaigns and significantly upgraded the credentials-stealing malware that's been infecting their victims.

SEC freezes UK hacker's assets

SEC freezes UK hacker's assets

The SEC obtained an emergency court order from a New York court to freeze assets belonging to a UK citizen who allegedly engaged in a sophisticated hacking and market manipulation scheme.

Copycat attacks threaten survival of ethereum cryptocurrency

Copycat attacks threaten survival of ethereum cryptocurrency

Ethereum, a rival to bitcoin, is under seige after follow-up attacks continue to siphon funds based in the cryptocurrency.

U.S. feds looking into $81M theft from Bangladesh Bank in New York

U.S. feds looking into $81M theft from Bangladesh Bank in New York

A probe into the cybertheft of $81 million from the account of Bangladesh Bank held at the Federal Reserve Bank of New York is now under way by the U.S. attorney's office.

New phishing scam siphoning PayPal user credentials

New phishing scam siphoning PayPal user credentials

Users of PayPal are being targeted in a new phishing scheme that steals their credentials.

Twitter, HealthCare.gov top annual list of most trustworthy websites

Twitter, HealthCare.gov top annual list of most trustworthy websites

At one time ridiculed over lax cybersecurity, the federal health insurance exchange site HealthCare.gov scored second-highest out of approximately 1,000 websites in the Online Trust Alliance's eighth annual Trust Audit and Honor Roll.

Pair accused of hacking financial firms extradited to U.S.

Pair accused of hacking financial firms extradited to U.S.

Gery Shalon and Ziv Orenstein, accused of orchestrating the largest-ever theft of customer data from a U.S. financial institution, were extradited from Israel to the U.S. late last week.

Vawtrak malware updated to break tools used by researchers

Vawtrak malware updated to break tools used by researchers

A new version of banking malware includes updates that break tools typically used by security researchers to analyze the Vawtrak trojan.

Morgan Stanley to pay $1M for failing to protect 730,000 customer accounts

Morgan Stanley to pay $1M for failing to protect 730,000 customer accounts

Morgan Stanley agreed to pay a $1 million fine to settle a proceeding launched by the Securities and Exchange Commission's that the financial services giant failed to set up adequate precautions of customer data.

Site of grassroots abortion group hacked

Site of grassroots abortion group hacked

A website belonging to the National Network of Abortion Funds was hacked around April 7.

Canadian Cyber Threat Exchange to select its MSP by end of month

Canadian Cyber Threat Exchange to select its MSP by end of month

Five weeks after its official launch, the Canadian Cyber Threat Exchange is already close to selecting an MSP that will manage the group's new cyberthreat intelligence sharing forum, according to a panel session at SC Congress Toronto on Wednesday.

SWIFT may prohibit banks with weak security from using its system

SWIFT may prohibit banks with weak security from using its system

SWIFT CEO Gottfried Leibbrandt said the organization is considering whether it will exclude from its network banks that have demonstrated weak information security.

SWIFT hack spurs House committee to investigate N.Y. Fed over $80M cybertheft

SWIFT hack spurs House committee to investigate N.Y. Fed over $80M cybertheft

A House committee is investigating the Federal Reserve Bank of New York's operations related to the cybertheft of $80 million from the Bank of Bangladesh.

Upgraded Dridex malware on the rebound, hitting U.S. banks

Upgraded Dridex malware on the rebound, hitting U.S. banks

A new and more dangerous version of the Dridex banking malware is being used in a new campaign targeting financial institutions, primarily in the United States.

Russia clamps down on financial hackers

Russia clamps down on financial hackers

Fifty members of a hacker gang alleged to have created malware used to steal in excess of $25 million from Russian banks have been arrested.

Massive drop in cyberattacks on banks, Lloyds

Massive drop in cyberattacks on banks, Lloyds

London-based Lloyds Banking Group saw a substantial reduction in the number of cyberattacks against it this year.

New strain of PoS malware set to gain momentum, Anomali

New strain of PoS malware set to gain momentum, Anomali

Researchers at Anomali detected a new FrameworkPOS campaign that it says is gaining momentum.

Russian bank app changes password when users attempt removal

Russian bank app changes password when users attempt removal

Researchers discovered a Russian fake banking application that can evade detection by changing a device's password if the victim tries to remove the app.

Flaws on Visa's HTTPS-protected sites allow hackers to insert JavaScript code

Flaws on Visa's HTTPS-protected sites allow hackers to insert JavaScript code

Vulnerabilities allow attackers to use an exploit known as the "forbidden attack," affecting dozens of Visa Inc.'s HTTPS-protected websites.

Credit card skimmers detected in Walmart stores

Credit card skimmers detected in Walmart stores

Newer chip-based cards are more difficult for thieves to counterfeit and can combat the vulnerabilities presented by card-skimming strategies.

Banks fail to innovate, blaming info security fears, report

Banks fail to innovate, blaming info security fears, report

Senior executives at retail banks are motivated to offer digital services, but are held back by cyber security concerns, according to a new study from Cisco.

SWIFT exec unveils info sharing plan, calls Bangladesh 'a watershed event'

SWIFT exec unveils info sharing plan, calls Bangladesh 'a watershed event'

SWIFT CEO Gottfried Leibbrandt issued details of the messaging service company's information-sharing strategy.

Cash stolen from 1,400 ATMs in Japan in coordinated attack

Cash stolen from 1,400 ATMs in Japan in coordinated attack

As many as 100 people are believed to have taken part in a heist of nearly $13 million (USD) from 1,400 cash machines in Japan.

NTIA study: Security threats deter online activities like making purchases and banking

NTIA study: Security threats deter online activities like making purchases and banking

A new government survey shows that U.S. households are growing averse to even the most routine online transactions, due to cyberattacks imperiling users' finances, identities and privacy.

Second bank hit with SWIFT-based hack, experts say patches failed

Second bank hit with SWIFT-based hack, experts say patches failed

The revelation by SWIFT that another bank was victimized using the same MO as that in the Bangladesh bank hack has the security industry believing the SWIFT system is flawed and possibly still vulnerable to another attack.

AbaddonPOS malware preys on retail POS software

AbaddonPOS malware preys on retail POS software

Point-of-sale (POS) malware is still a clear and present danger, say Proofpoint researchers.

Bangladesh bank investigators reportedly find three separate network intruders

Bangladesh bank investigators reportedly find three separate network intruders

The investigation into the bank heist that cost Bangladesh's central bank $81 million has taken a byzantine turn, as a new report surfaced of multiple hacking groups infiltrating the bank's network.

Securities fraudsters who stole from 100M people to be extradited from Israel

Securities fraudsters who stole from 100M people to be extradited from Israel

Two Israeli men accused of securities fraud and hacks into media outlets and nine financial institutions, including JPMorgan Chase, Fidelity Investments and E*Trade Financial Corp., will be extradited to the U.S.

Tax payer info exposed in five breaches, FDIC

Tax payer info exposed in five breaches, FDIC

Five major breaches have put at risk taxpayers' PII, the FDIC told Congress on Monday.

Bangladeshi banking officials blame $81M bank heist on incorrectly-installed software

Bangladeshi banking officials blame $81M bank heist on incorrectly-installed software

Bangladesh Central Bank officials are pinning the blame for an cyberattack that netted $81 million from the financial institution on SWIFT's for incorrectly installing new software.

Liberty Reserve founder sentenced to 20 years

Liberty Reserve founder sentenced to 20 years

Arthur Budovsky, operator of an online payment processor popular with cybercriminals, was sentenced to 20 years in prison for money laundering.

Charles Schwab data breach exposed client investment data

Charles Schwab data breach exposed client investment data

Charles Schwab informed some of its customers on May 4 that their accounts were likely accessed by an unauthorized person possibly exposing their names, account information and other financial data.

Gozi malware creator cuts deal, gets time served and $7M fine

Gozi malware creator cuts deal, gets time served and $7M fine

Gozi banking malware creator Nikita Kuzmin sentenced to time served and a $7 million fine as the U.S. Attorney's office tells judge Kuzmin provided "substantial assistance" to the government.

Marcher banking malware hitting Australia

Marcher banking malware hitting Australia

Marcher Madness continues with a new, stealthier iteration of the Marcher banking malware targeting Android users in Australia.

SWIFT confirms additional cyberattacks on its messaging system

SWIFT confirms additional cyberattacks on its messaging system

The financial messaging organization SWIFT has issued a warning to its customers stating its system has undergone repeated attacks similar to those that lead to $81 million from a Bangladesh bank.

Sixth teen arrested in breach of U.K. ISP TalkTalk

Sixth teen arrested in breach of U.K. ISP TalkTalk

A teenager turned himself in to police in Staffordshire, U.K., where he was arrested on charges stemming from a breach of internet services provider TalkTalk.

Data breaches fueled valuations of cyber firms

Data breaches fueled valuations of cyber firms

Stoked by headlines announcing major data breaches, the stock valuations of cybersecurity companies outperformed the Nasdaq and S&P 500 by double over the past three years.

Research: Over 6,000 data breaches in key industry sectors since 2005

Research: Over 6,000 data breaches in key industry sectors since 2005

The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.

Hacked Swedish military servers used in 2013 DDoS attacks

Hacked Swedish military servers used in 2013 DDoS attacks

Swedish military servers were used by hackers to launch 2013 attacks against U.S. financial institutions, according to reports.

Atmos, Citadel malware variant, hitting French banks

Atmos, Citadel malware variant, hitting French banks

A variant of the notorious Citadel malware, dubbed Atmos, is targeting financial institutions in France, six months after Citadel's author was imprisoned.

Mattel duped out of $3M in phishing scam, recovers loot

Mattel duped out of $3M in phishing scam, recovers loot

U.S. toy manufacturer Mattel fell victim to a phishing campaign, but was able to recover its money.

Cyber fraud stops Kiss from rocking and rolling all night long

Cyber fraud stops Kiss from rocking and rolling all night long

The organizers of a huge music festival featuring more than 50 acts and slated to start April 30 was totally derailed by an as yet unnamed cyber event forcing the promoters to reschedule the show for later this summer.

Biometrically challenged: three-factor authentication systems too weak for web banking

Biometrically challenged: three-factor authentication systems too weak for web banking

Despite new adoptions by RBS and Natwest, even three factor authentication may not be enough to adequately defend online banking against attackers according to experts

Typo spells trouble for hackers, foils Bangladesh bank plot - UPDATE

Typo spells trouble for hackers, foils Bangladesh bank plot - UPDATE

A plot to steal up to $1 billion from Bangladesh's central bank by siphoning funds out of its U.S. Federal Reserve account was by and large foiled after a hacker's typo triggered an investigation, Reuters reported.

Russia's Central Bank to accelerate fight with cyber-criminals

Russia's Central Bank to accelerate fight with cyber-criminals

The Bank of Russia is to double the number of staff in its FinCERT unit, a special division set up to fight cyber-crime in the credit and financial sectors.

Finland's foreign ministry hacked by Russian or Chinese spies

Finland's foreign ministry hacked by Russian or Chinese spies

Finland's foreign ministry computer network has been infiltrated by spies, foreign minister Erkki Tuomioja has revealed to the media.

Kaspersky sees uptick in spam from fake 'Amazon stores'

Kaspersky sees uptick in spam from fake 'Amazon stores'

Kaspersky noticed an increase in fake emails that claim to be from Amazon online stores offering free gifts.

NatWest online banking suffers SMS 'smishing' scams

NatWest online banking suffers SMS 'smishing' scams

News reports suggest that both NatWest and its Royal Bank of Scotland parent were hacked by journalists from BBC Radio 4's You and Yours programme.

Krebs: Wendy's breach losses may exceed those of Target, Home Depot incidents

Krebs: Wendy's breach losses may exceed those of Target, Home Depot incidents

The financial loss to credit unions affected by the Wendy's data breach uncovered earlier this month appears to be on pace to surpass damages incurred from the high-profile Target and Home Depot breach incidents, according to a report from Krebs on Security.

Cylance exposes 'Dust Storm' APT attack on Japanese infrastructure

Cylance exposes 'Dust Storm' APT attack on Japanese infrastructure

An advance persistent threat group has recently been concentrating its efforts on infiltrating Japanese critical infrastructure and key commercial interests, according to cybersecurity firm Cylance.

Retailers falling short of earlier predictions on EMV readiness

Retailers falling short of earlier predictions on EMV readiness

A new survey of U.S. payment service providers revealed that approximately 37 percent of retailers were ready to process EMV payments by Feb. 1, 2016.

Corcow Trojan manipulates currency rates

Corcow Trojan manipulates currency rates

A Russian-language banking Trojan has been found manipulating the ruble-dollar exchange rate

Kaspersky confirms return of Carbanak and two more banking APT groups

Kaspersky confirms return of Carbanak and two more banking APT groups

Kaspersky has confirmed the return of Carbanak as Carbanak 2.0 and uncovered two more groups working in the same style: Metel and GCMAN.

Dyre Trojan almost dead after 'takedown' by the Russians

Dyre Trojan almost dead after 'takedown' by the Russians

The feared Dyre banking Trojan has been almost killed off, following a reported raid by the Russian authorities on a Moscow film distribution company last November.

Cybercriminals increasingly launching APT-style attacks against banks, finds Kaspersky

Cybercriminals increasingly launching APT-style attacks against banks, finds Kaspersky

Kaspersky Lab revealed that cybercrime organizations are increasingly stealing funds from banks by employing many of same Advanced Persistent Threat tools and tactics that previously were only attributable to nation-states.

FireEye nabs automation and orchestration firm Invotas

FireEye nabs automation and orchestration firm Invotas

FireEye Inc. acquired Invotas International Corp., a cybersecurity company that focuses on security automation and orchestration.

Major banks to roll out ATMs that use smartphones for authentication

Major banks to roll out ATMs that use smartphones for authentication

Bank of America, Wells Fargo and JPMorgan Chase have announced plans to roll out ATMs that take smartphones as well as ATM cards.

HSBC UK online banking operations disrupted by DDoS attack

HSBC UK online banking operations disrupted by DDoS attack

HSBC UK this morning was the target of a DDoS attack that flooded the financial institution's systems with manufactured traffic, much to the dismay of online banking customers who were unable to access and manage their accounts.

Data Privacy Day: Chip card adoption growing, but problems linger

Data Privacy Day: Chip card adoption growing, but problems linger

The roll out of the EMV cards last fall was expected to bring a new level of data security to American consumers and retailers, but depending upon whom one speaks the cards have either been a boon or a bust.

PayPal's business site vulnerable to remote code execution

PayPal's business site vulnerable to remote code execution

Michael Stepankin, also known as Artsploit, has disclosed a major vulnerability in PayPal's business site, allowing remote code execution.

E&Y: Cyberthreats the No. 2 driver of forensic data analytics deployments

E&Y: Cyberthreats the No. 2 driver of forensic data analytics deployments

Businesses are expanding their use of forensic data analytics (FDA) to investigate and combat fraud, especially as fears of cyberattacks and internal data threats spike, according to an Ernst & Young report.

Survey says: Data breaches in other industries will damage financial institutions

Survey says: Data breaches in other industries will damage financial institutions

Respondents to a new survey from FICO unanimously agreed: Data breaches this year in other industries will damage financial institutions.

Kaspersky detects surge in 'Asacub' mobile banking trojan attacks

Kaspersky detects surge in 'Asacub' mobile banking trojan attacks

What was once a low-threat, basic spyware trojan has evolved into very powerful banking malware capable of giving hackers near-total control over one's Android device, warned Kaspersky Lab yesterday.

Social engineering scam targets SMBs with trojans, report warns

Social engineering scam targets SMBs with trojans, report warns

A crude but dangerous email-based social engineering scam has been targeting small-to-medium-size businesses in the U.S., U.K. and India since early 2015, the Symantec Security Response blog warned today.

Watch out! Trojan Tinba is back and it's after your money

Watch out! Trojan Tinba is back and it's after your money

F5 Networks has found a variation of the financial trojan Tinba in the wild which is now going after banks in Asia. It's been dubbed Tinbapore in recognition of its origins.

HSBC error leads to potential exposure of customer PII

HSBC error leads to potential exposure of customer PII

HSBC bank is informing some of its customers that their personal information, including Social Security and various bank account numbers, may have been exposed to a third party.

Marijuana stock driven high, then dumped, by spam campaign

Marijuana stock driven high, then dumped, by spam campaign

Symantec is investigating a pump and dump stock spam campaign that used the long-lived W.32 Waledac botnet to target a marijuana farming company possibly generating thousands in illegal profits.

'Key member' of DD4BC arrested in international crackdown

'Key member' of DD4BC arrested in international crackdown

The cyber-extortionist gang DD4BC has reportedly suffered a blow as one of the group's key members was arrested and another detained this week in a worldwide crackdown.

SlemBunk trying to become a slam dunk banking trojan: FireEye

SlemBunk trying to become a slam dunk banking trojan: FireEye

The recently discovered mobile-banking trojan SlemBunk is proving more resilient than first thought and is actively being used in several on-going campaigns.

Payment card data attacks worry over half of UK and US businesses

Payment card data attacks worry over half of UK and US businesses

Well over half (60 percent) of US and 52 percent of UK enterprises feel that an attack on payment card data is likely or more than likely.

Eight arrested in eastern Europe over ATM malware attacks

Eight arrested in eastern Europe over ATM malware attacks

Europol has announced the takedown of an international criminal group believed to be behind a series of ATM malware attacks dating back to at least 2014.

UK high-street banks accused of "shockingly bad" online security

UK high-street banks accused of "shockingly bad" online security

Security you can bank on? Not quite, according to inquiries by Mike Kemp, co-founder of Xiphos Research, who found that outdated SSL security is the norm.

Quincy Credit Union hit by ATM skimming scam

Quincy Credit Union hit by ATM skimming scam

The Quincy Credit Union may have had up to 700 customers victimized by an ATM skimming scam that took place earlier this month.

Extradited Ukrainian indicted in cyber money laundering scheme

Extradited Ukrainian indicted in cyber money laundering scheme

Ukrainian national Viktor Chostak will face charges related to a 25-count indictment in a Charlotte, NC federal court after being extradited from Poland.

Morgan Stanley adviser sentenced for hacking firm's network

Morgan Stanley adviser sentenced for hacking firm's network

A former financial adviser at Morgan Stanley received a sentence of three year's probation for his illegal accessing of the firm's confidential client data.

Phishing campaign targets HSBC customers

Phishing campaign targets HSBC customers

Customers of HSBC are being sent phony emails "warning" them their account is locked.

Gyft resets some customer passwords following breach

Gyft resets some customer passwords following breach

Passwords have been reset for a number of Gyft users as a precaution after account data was reported for sale.

News Alert: Australian police raid home of alleged bitcoin creator

News Alert: Australian police raid home of alleged bitcoin creator

The mysterious founder of bitcoin may have been unmasked following a tip-off from a security researcher and an investigation by two separate media outlets.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US