Finance News, Articles and Updates

Optiv Security Acquires Decision Lab

Optiv Security reported today it has acquired the big data, automation and orchestration services company Decision Lab.

New IcedID banking trojan already rivals worst of its malware peers

A newly discovered banking trojan, targeting U.S. financial institutions and services since at least September, is already as advanced in its capabilities as its predecessors Zeus, Gozi, and Dridex, researchers from IBM have reported.

Marcher banking trojan campaign attacks Austrians' finances three different ways

An attack campaign targeting Android users in Austria has been employing a unique trio of techniques to steal their funds: a credentials phishing web page, malicious banking app overlays, and credit card phishing screens.

Silence trojan targets Russian financial intuitions. mimics Carbanak gang

A new banking trojan dubbed "Silence" is using methods similar to those used by the Carbanak gang to target Russian financial institutions.

Cybercrime Blotter: Man who impersonated financial institution pleads guilty to computer intrusion

Dwayne Hans, 27, pleaded guilty last week to illegally accessing a website operated by the U.S. General Services Administrationin order to redirect more than $1.5 million in government payments to his own personal accounts.

Land of the rising trojan: Ursnif banking malware surges in Japan

Malspam campaigns designed to spread the Ursnif banking trojan have been heavily targeting Japanese banks and payment card providers in 2017, especially since this past September, according to IBM's X-Force research.

Swiss phishing scam aims to download Retefe banking trojan

The details of a phishing campaign currently being run in Switzerland that uses a tax dodge to entice its victims to open an attached file which will then download the Retefe banking trojan have been released by PhishMe.

Criminals mimic popular cryptocurrency exchange in Google Play

Cybercriminals took advantage of popular cryptocurrency exchange Poloniex's lack of an official app to dupe unsuspecting users into downloading credential stealing malware.

Are drive by cryptominers more profitable than drive-by-malware?

As cryptocurrencies grow in value researchers have taken note that cybercriminals are adapting old drive-by download style attack methods.

Malicious Chrome extension mines Monero, hijacks Gmail and Facebook accounts

A new and very ambitious malicious Chrome extension called Ldi has been uncovered, one that injects the Coinhive cryptocurrency miner into the target computer, accesses the victim's Gmail and Facebook accounts and registers newly created domains in that person's name.

TrickBot tests waters in Latin America in expansion of global reach

The cybergang behind the Trickbot banking trojan appears to have set its sights on Latin American as it continues to expands its list of global targets.

Greek judges OK Russian extradition to the U.S. to face fraud charges

Greece officials have decided to allow the extradition of a Russian hacker suspected of laundering money through a bitcoin exchange to the United States.

SEC chairman defends timing of agency's breach disclosure to Senators

SEC Chairman Jay Clayton confirmed in testimony before the Senate Banking Committee on Tuesday that a 2016 breach of the regulatory body's EDGAR document filing system was made possible due to a defect in custom software code that was subsequently remediated.

Tech support scam used to spread cryptominer Coinhive's Monero

An EITest campaign is using tech support scams to deliver Coinhive's Monero Miner, the same JavaScript cryptocurrency miner silently being used to exploit visitors to The Pirate Bay site

SEC systems breach may aided have insider trading

Hackers breached the U.S. Securities and Exchange Commission's EDGAR document filing system and may have used nonpublic information stored on the database to profit from insider trading, the regulatory body disclosed on Wednesday.

Equifax hackers likely in network since March

The hackers, who exploited a vulnerability in Apache Struts, reportedly accessed the Equifax network by obtaining a user name after typing the "Whoami" command on one of the company's servers.

Cuomo orders new regs to protect New Yorkers from Equifax breach

Financial Services Superintendent Maria T. Vullo had already issued guidance to help licensed financial institutions act to protect consumers affected by the Equifax breach.

Cryptocurrency miners increasingly use CPU mining tools

Cryptocurrency miners have increased their use of mining tools that utilize central processing unit (CPU), and to a lesser extent graphic processing units (GPU) specifically those targeting enterprise networks.

Monero cryptocurrency miners silently placed on Pirate Bay visitor CPUs

In an effort to generate more revenue for the site, The Pirate Bay is quietly running Monero cryptocurrency on the CPU's of its visitors.

More BankBot apps sneak into Google store; UAE banks added to malware's targets

The Google Play store once again has been invaded with apps carrying BankBot Android banking malware that uses fake overlay screens to fool banking app users into giving away their credentials.

Hackers breach AXA Insurance Singapore's Health Portal, stealing data on 5,400 customers

The Singapore division of life insurance firm AXA Insurance has reportedly suffered a data breach, after hackers stole roughly 5,400 customers' personal information from its Health Portal.

China forbids digital currency fund-raising activity

China on Monday banned fund-raising investments in virtual currencies such as bitcoins, a move that follows several major hacks of digital currency exchanges during their Initial Coin Offerings.