17 matches found
EUVD-2021-23039
Malware in sbrugna...
CVE-2021-36436
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint...
Cyber security for Credit Unions 101
American consumers have two clear yet vastly differing choices when it comes to banking. Many opt for a large-sized national or regional bank. Folks select this option for a variety of reasons, typically due to the vast services and ease of use these powerhouses provide. Roughly 60% of Americans...
Act Now to Prepare for New NCUA Cyber Incident Reporting Requirements
We recently discussed the new SEC rule requiring all registered companies to report material cyber incidents within four 4 days. Now the National Credit Union Administration NCUA1 has updated their Cyber Incident Notification Rule, requiring all federally insured Credit Unions to notify the NCUA ...
CVE-2021-36436
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint...
CVE-2021-36436
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint...
Session fixation
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint...
CVE-2021-36436
CVE-2021-36436 concerns Mobicint Backend for Credit Unions v3. The issue enables retrieval of partial email addresses and user-entered information via the forgotten-password endpoint. Connected sources consistently describe leakage through that API call; no explicit exploit details, affected vers...
CVE-2021-36436
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint...
Crooks Spoofing Credit Unions to Steal Funds and Login Credentials
By Deeba Ahmed Email security provider Avanan revealed in a Thursday report that a new phishing campaign exploits local credit unions… This is a post from HackRead.com Read the original post: Crooks Spoofing Credit Unions to Steal Funds and Login Credentials...
Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions
A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week. The missives are raising eyebrows because they were sent only to specific anti-money laundering contacts at credit unions, and many credit union sources say they suspect the non-public da...
New York State Implements Cybersecurity Regulation 23 NYCRR 500
On March 1st, 2017, sweeping new cybersecurity requirements were placed on organizations regulated by the New York State Department of Financial Services. The law applies to a broad set of covered entities that are supervised by the NYDFS, including banks, trusts, budget planners, check cashers,...
NAFCU Dismisses Data Encryption Rule Idea
Even after suffering a data breach, the organization in charge of overseeing the needs of credit unions has cast off the idea of implementing a rule mandating the use of encryption for data transfers. Despite the breach, the National Association of Federal Credit Unions, or NAFCU, is insisting th...
Visa, MasterCard Warn Of Breach At Card Processor
UPDATE–MasterCard and Visa have confirmed that they are investigating a potentially huge data breach at one of the companies’ payment processors, which the Wall Street Journal has identified as Global Payments Inc. The credit card giants are alerting banks about a breach at a U.S. based card...
Cyber Security Fraud in the Banking Industry: Lessons Learned in OCC Examiner Training
In late October 2011, Coalfire participated in a day of IT audit training with about 35 bank examiners. As you would expect, we covered a lot of previously hot topics. The conversation changed as we started talking about the amount of fraud being realized by community banks and credit unions...
Credit Unions Targets of Smishing Attacks
A new report found that credit unions continue to be a favorite target of smishing attacks, and that text-to-phone scams used a toll-free number in about half of the lures sent in the first quarter of 2010. Read the full article. KrebsonSecurity...
Malware-Infected CD Mailing was Part of Pen Test
The malware-infected CDs that were mailed to some credit unions may have been part of a penetration test designed to gauge whether an employee would run the software. The SANS Internet Storm Center says it was notified by a representative from Microsolved that the mailing was part of an authorize...