SC Finance

LVIV, UKRAINE – FEBRUARY 25: A Ukrainian flag flies over an observation platform in the city center on February 25, 2023 in Lviv, Ukraine. While Lviv, located in western Ukraine, lies far from the current fighting raging between Ukrainian and Russian armed forces in the east and even offers a sense of normalcy in every day life, it neverthele...

FS-ISAC expects to see more hacktivist groups targeting financial services as the Russia-Ukraine war persists. (Source: Sean Gallup via Getty Images)

Report: wartime hacktivism is spilling over into the financial services industry

Menghan XiaoMarch 21, 2023

Russia's war with Ukraine has triggered a surge in ideologically motivated hacktivism that persists to this day, posing by far the most significant impact on the cyber threat landscape for financial services, according to a report by the Financial Services Information Sharing and Analysis Center.

Traders in the Standard & Poor's 500 stock index options pit at the Chicago Board Options Exchange (CBOE).

Compliance

Publicly traded companies aren’t moving to add cyber experts to their boards

Derek B. JohnsonMarch 20, 2023

Research this month found that of the 414 new board seats allocated to top companies in 2022, just 14% went to individuals with backgrounds in cybersecurity.

WASHINGTON – SEPTEMBER 18: The U.S. Securities and Exchange Commission seal hangs on the facade of its building September 18, 2008 in Washington, DC. Republican presidential candidate Sen. John McCain (R-AZ) has called for the ouster of SEC Chairman Christopher Cox in the wake of the collapse of several giant banks on Wall Street and the res...

Breach

SEC proposes slew of new cyber rules to secure financial entities

Menghan XiaoMarch 17, 2023

Among the proposed rules are requirements for broker-dealers to notify their customers about the data breach within 30 days, while immediately informing the SEC of cyber incidents.

Cybercrime

BidenCash card shop leaks 2 million payment card records

Menghan XiaoMarch 6, 2023

A carding marketplace known as BidenCash leaked over 2 million payment card records on a top tier dark net for free in celebration of its first anniversary.

Cybercrime

How tech has evolved to defend digital commerce

Michael Jabbara March 2, 2023

By staying on top of security trends, implementing a governance process, and using secure digital tokens, companies can keep e-commerce systems safe.

Threat actors have been using Microsoft’s third-party app verification process to target the cloud environments of business and financial executives, according to new research out this morning from Proofpoint. (Credit: atomicstudio via Getty Images)

Application security

Threat campaign abuses Microsoft’s verified publisher status to target business execs and cloud environments

Menghan XiaoJanuary 31, 2023

The campaign involves a number of OAuth apps impersonating credible brands to gain verified status from Microsoft. According to researchers, a user who clicked on a consent prompt would hand malicious actors the ability to read their emails, adjust mailbox settings and gain access to other parts of their Microsoft account.

A close-up view of the Telegram messaging app is seen on a smart phone on May 25, 2017 in London, England. SafeGuard Cyber Division Seven (D7) threat intelligence team located and confirmed an instance where a company’s employees had been targeted in a previously-known cryptocurrency impersonation scheme as far back as July 2022. (Photo by Ca...

Emerging technology

Research confirms threat actor impersonating cryptocurrency firm on Telegram

Menghan XiaoJanuary 10, 2023

A month after Microsoft revealed that a threat actor was targeting using Telegram to connect with cryptocurrency VIPs and infect them with malware, another firm has found additional evidence of malicious actors using tactics to impersonate legitimate actors in the cryptocurrency space.

Report: wartime hacktivism is spilling over into the financial services industry

Publicly traded companies aren’t moving to add cyber experts to their boards

SEC proposes slew of new cyber rules to secure financial entities

BidenCash card shop leaks 2 million payment card records

How tech has evolved to defend digital commerce

Threat campaign abuses Microsoft’s verified publisher status to target business execs and cloud environments

Research confirms threat actor impersonating cryptocurrency firm on Telegram

In Brief

Cyberattack hits Spanish pharmaceutical company Alliance Healthcare

Dole now says February attack spilled employee data

Database tied to special education support services found leaking student data

Threat actor attempted vendor email compromise attack for $36 million

Independent Living Systems hit with 5 lawsuits after breach update to 4.2M patients