Finance

Finance

Tax software used by Chinese bank clients installs GoldenSpy backdoor

A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers SYSTEM-level privileges, researchers warn. In a company blog post and more detailed threat report, Trustwave and its SpiderLabs team identified the accounting software as Intelligent Tax, which was reportedly developed by the…

Cyberattackers raising stakes in financial sector, security experts tell House subcommittee

Cyberattacks on the U.S. financial sector amid COVID-19 rose 238 percent over the first five months of 2020, VMware/Carbon Black told Congress during a House Subcommittee on National Security, International Development and Monetary Policy virtual hearing Tuesday. Four NGOs brought to the attention of the lawmakers of how attackers are raising the stakes with fraudulent…

Test platform leaks Bank of America clients’ Covid-19 PPP loan applications

Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…

U.S. offers up to $5M for info on North Korean cyber activity

Four U.S. federal agencies on Wednesday jointly issued an advisory that warns of ongoing North Korea-sponsored cyberthreat operations, and offers a reward of up to $5 million for information on such operations. The communication, issued by the State Department, the Department of Homeland Security, the Treasury Department and the FBI, details the Democratic People’s Republic…

U.S. indicts four Chinese military members over Equifax breach

The U.S. Department of Justice has charged four members of the Chinese People’s Liberation Army with nine criminal counts, accusing them of orchestrating and carrying out the 2017 hack of credit reporting agency Equifax. An indictment returned by a federal grand jury in Atlanta and unveiled today by the DOJ alleges that Beijing residents Wu…

Travelex recovering from ransomware, but more firms at risk of VPN exploit

Beleaguered foreign currency exchange company Travelex confirmed on Friday that the first of its U.K.-based customer-facing systems were back up and running after the New Year’s Eve discovery of Sodinokibi ransomware on its network prompted a shutdown of key systems. Meanwhile, a worrisome report revealed that dozens of major U.S. organizations and businesses have also failed…

Sodinokibi ransomware ID’d as cause of Travelex business disruptions

The malware that has disrupted foreign exchange finance company Travelex’s ability to conduct digital transactions since New Year’s Eve has been identified as Sodinokibi ransomware. The malicious encryption software, which operates on a Ransomware-as-a-Service model, may have been delivered via unpatched, vulnerable Pulse Secure VPN servers and it is believed that the attackers are now…

Travelex sidelines online financial services following malware discovery

Foreign exchange financials company Travelex has suspended its UK-based digital services offline since New Year’s Eve, following the discovery of an undisclosed malware program. As of Jan. 3 at 11:30 a.m. ET, the London-based company remains unable to conduct monetary transactions via its website or app. Services are still being conducted manually, however. “We have…

Three GozNym members sentenced domestically, internationally

A three-year-old investigation and prosecution of cybercriminals aligned with the multinational GozNym network resulted last week in the sentencing of a Bulgaria resident in a Pittsburgh federal court. In a related action, a Tbilisi, Georgia court handed down prison sentences of seven and nine years to two Georgian members of the group, following a lengthy trial. In…

Next post in Legal