Finance | SC Media

Finance

Fake VPN and office software websites spread Bolij.2 banking trojan

Cybercriminals recently set up impostor websites for the NordVPN virtual private network service and two office software products, in an attempt to infect visitors with the Win32.Bolij.2 banking trojan, according to researchers. Launched on Aug. 8, the fake NordVPN site, nord-vpn[.]club, has already drawn thousands of visitors so far this month, Dr.Web reports in an…

leakingData social

Report: SEC looking into First American Financial Corp.’s leaky website

First American Financial Corp. is reportedly the subject of a U.S. Securities and Exchange Commission investigation, following the discovery of a website defect that left 885 million documents exposed to the public. Earlier this year, the financial services company’s website was found to have allowed anyone with a web browser and a URL for a…

Banking flaw

Monzo updates apps after incorrectly storing banking customer PINs

The U.K.-based digital bank Monzo Sunday disclosed that it has fixed an error that caused certain customers’ PIN codes to be stored in a less secure area of its internal systems. In an Aug. 4 company blog post, the mobile-only banking services provider acknowledged that it mistakenly had recorded some customers’ PINs in encrypted log…

"Aaron's Law," to amend the CFAA, introduced in Congress

House Republicans ask Capitol One and Amazon for briefing on data breach

Republican members of the House of Representatives’ Committee on Oversight and Reform this week sent open letters to both Capital One and Amazon, requesting that both companies arrange a briefing with Congressional staff members regarding Capital One’s recently announced data breach. Last Monday, McLean, Va.-based Capital One Financial Corporation publicly acknowledged that an unauthorized individual…

trojanhorse_1032765

Fiendish Amavaldo banking trojan strikes in Mexico after targeting Brazilians

Researchers this year discovered a pair of malicious campaigns that attempted to distribute the recently discovered Amavaldo banking trojan to Brazilians and Mexicans, respectively. Amavaldo is one of 10 malware families that researchers at ESET’s lab in Prague are claiming to have discovered since 2017, when they first launched an in-depth investigation into Latin American…

U.S. indicts three over alleged phishing campaign targeting universities, businesses

The Department of Justice has indicted two Americans and a Nigerian on multiple charges for their alleged roles in a phishing scheme that targeted college employees, banks and other businesses from May 2013 through June 2014. Filed on Tuesday in U.S. District Court in New Mexico, the indictment identifies the defendants as Nigerian citizen Otuokere…

Capital One breach exposes not just data, but dangers of cloud misconfigurations

The massive Capital One data breach that compromised the personal information of 100 million credit card customers and applicants serves as a stark reminder that misconfigurations and malicious insiders can defeat the most well-intentioned cyber defenses, even when companies rely on a third-party cloud service to securely manage their data. In the case of Capital…

BianLian banking trojan adds screen recorder to face off against Android users

Researchers have discovered a new version of the Android banking trojan BianLian that introduces the ability to record device screens and set of proxies. Named after the Chinese art of “face-changing,” BianLian first appeared as a dropper in October 2018. But it quickly evolved and adopted banking trojan functionality, including overlay attacks that trick users…

Inconvenience stores: Thieves steal $500K from users of 7-Eleven Japan’s new payment app

Convenience chain 7-Eleven Japan has suspended a brand new mobile cashless payment service after an authorized third party accessed approximately 900 user accounts and made fraudulent charges totally 55 million yen, or roughly $500,000 dollars. The service, 7pay, reportedly had only been launched three days earlier, and allows participating customers to automatically charge purchased goods…

TA505 cybergang debuts ‘AndroMut” downloader to deliver FlawedAmmyy RAT globally

The cybercriminal group TA505 appears to have launched two malware campaigns last June, delivering the FlawedAmmyy RAT to victims in multiple countries using the newly created downloader program AndroMut. Both campaigns infected victims using phishing emails with links for downloading Microsoft Word and Excel files, according to a July 2 blog post by Proofpoint If…

Next post in Malware