28 Oct 2019

UniCredit hit by data breach of Italian client records

3 million Italian customers of Italian bank UniCredit are affected by a major breach involving a document created in 2015, the company confirmed on Monday. It is not clear what data has been compromised, but according to the bank, the information, could not have allowed threat actors to access customer

Read More
25 Oct 2019

A DDoS gang is extorting businesses posing as Russian government hackers

Threat actors are impersonating the notorious state-backed Russian hacking group Fancy Bear (aka Sofacy, APT28 and Sednit) as part of a distributed denial-of-service (DDoS) extortion campaign targeting organizations in the financial sector. According to Daniel Smith of Radware, the threat actors launch “large scale, multi-vector demo DDoS attacks” against a

Read More
23 Oct 2019

Magecart 5 Linked to Carbanak Gang

New research by Malwarebytes connects Magecart Group 5, one of the most prominent payment card skimming threat actors, to the notorious Carbanak threat group. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment

Read More
10 Oct 2019

Financial industry spending millions to deal with breaches in 2019

82% of organizations suffered a DNS attack last year, and many companies were hit multiple times, with the average number of attacks per company falling just short of 9.5, a new report by EfficientIP shows. Because the average cost per attack exceed $1.3 million, companies can expect to lose over

Read More
24 Sep 2019

North Korean hackers are targeting ATMs in India with new data-stealing malware

Cybersecurity researchers with Kaspersky Lab say that hackers working for the North Korean government have been targeting ATM machines in India with a new strain of payment card skimming malware. The campaign has been active since last summer. The malware used in the attacks is called ATMDTrack, which is linked to

Read More
16 Aug 2019

ECB Says One of Its Websites Was Hacked, Data Possibly Captured

Earlier this year, a threat actor hacked the Banks’ Integrated Reporting Dictionary (BIRD) website of the European Central Bank and installed malware designed for phishing campaigns on the server of the third-party hosting provider. The ECB said the hackers may have obtained the names and email addresses of 481 subscribers

Read More
15 Aug 2019

Financial Phishing Grows in Volume and Sophistication in First Half of 2019

In the first half of this year, the number of potential phishing domains increased by 14%, while phishing domains with valid certificates doubled to 1,900, a new study[pdf] by Normshield found. Last year, 8.5% of phishing domains used a valid certificate and this number is expected to grow to 15% this

Read More
13 Aug 2019

UN Probing 35 North Korean Cyberattacks in 17 Countries

The United Nations (UN) is investigating at least 35 cyberattacks in 17 countries that are believed to be the work of hackers working for the North Korean government, an extended version of a recent UN report shows. A summary of the report released last week mentioned that Pyongyang has used

Read More
05 Aug 2019

FSI organizations are failing to assess their software for security vulnerabilities before release

Organizations in the Financial Services Industry (FSI) are doing a rather poor job at preventing cyberattacks, new research by Synopsys shows. The majority of FSI organizations have suffered a cyberattack that caused system failure and downtime (56%) or have had threat actors steal sensitive customer data (51%). Ransomware infections or

Read More
01 Aug 2019

Capital One is not alone: 3.5B malicious login attacks target banks and customers

Between November 2017 to April 2019, threat actors carried out 3.5 billion malicious login attempts as part of credential stuffing attacks, in which credentials exposed in a data breach at one firm are used to gain access to accounts at another company. Akamai also identified close to 200,000 phishing domains

Read More