29 matches found
Сrimeware and financial cyberthreats in 2025
Kaspersky's Global Research and Analysis Team constantly monitors known and emerging cyberthreats directed at the financial industry, with banks and fintech companies being the most targeted. We also closely follow threats that aim to infiltrate a wider range of industries, namely ransomware...
Cyber security for Credit Unions 101
American consumers have two clear yet vastly differing choices when it comes to banking. Many opt for a large-sized national or regional bank. Folks select this option for a variety of reasons, typically due to the vast services and ease of use these powerhouses provide. Roughly 60% of Americans...
Digital Transformation in the Financial Industry: The Role of Fintech
By Owais Sultan The financial industry is undergoing a digital transformation. Digital technology has been around for decades, but its only… This is a post from HackRead.com Read the original post: Digital Transformation in the Financial Industry: The Role of Fintech...
Guardians of IoT: Fortifying the financial sector in the age of IoT
The Internet of Things IoT has revolutionized the financial industry, but its associated security vulnerabilities and risks must be addressed to protect sensitive data...
The Japanese Financial Services Attack Landscape
Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies spoiler alert: it is often through foreign subsidiaries and affiliates and some of the most...
Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack
The adversary behind the supply chain attack targeting 3CX deployed a second-stage implant specifically singling out a small number of cryptocurrency companies. Russian cybersecurity firm Kaspersky, which has been internally tracking the versatile backdoor under the name Gopuram since 2020, said ...
DDoS Attacks Hit Denmark Central Bank and 7 Private Banks
By Habiba Rashid Along with the websites of the central bank, Bankdata—a company that develops IT solutions for the financial industry—was also targeted by a DDoS attack. This is a post from HackRead.com Read the original post: DDoS Attacks Hit Denmark Central Bank and 7 Private Banks...
Apache Commons Text vulnerability CVE-2022-42889
Updated Oct. 19, 2022 CVE-2022-42889 was recently added to the NVD catalog, with a critical score of 9.8. This vulnerability allows remote code execution RCE in Apache Commons Text. It affects version numbers 1.5-1.9, and an upgrade to Apache Commons Text 1.10.0 disables the problem by default...
4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface
The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobile banking apps, chat-based customer service, and other digital tools. Adobe's 2022 FIS Trends Report, for instance, found that more than half of th...
North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto
The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance DeFi wallet app to distribute a fully-featured backdoor onto compromised Windows systems. The app,...
Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps
Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service DDoS attack recorded to date. The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industr...
100,000 Google Sites Used to Install SolarMarker RAT
Hackers are using search-engine optimization SEO tactics to lure business users to more than 100,000 malicious Google sites that seem legitimate, but instead install a remote access trojan RAT, used to gain a foothold on a network and later infect systems with ransomware, credential-stealers,...
RegTech explained: a crucial toolset for the financial industry
Every organization in the financial industry needs to meet certain regulatory obligations, even if it’s just filing a tax return or submitting an annual report. In certain industries, such as financial services, theyve added their own additional sets of rules that must be adhered to. For example,...
Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945
Through Mandiant investigation of intrusions, the FLARE Advanced Practices team observed a group we track as UNC1945 compromise managed service providers and operate against a tailored set of targets within the financial and professional consulting industries by leveraging access to third-party...
Voice Phishers Targeting Corporate VPNs
The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level,...
Carbon Black Report: 46% of Incident Response Professionals Experience Counter Incident Response
Quarterly Incident Response Threat Report Executive Summary/Highlights Proactive Incident Response Even as a steady drumbeat of headlines keeps the world’s attention focused on cybercrimes such as ransomware and cryptojacking, in the dark corners of the internet, attackers are busy refining their...
Carbon Black Report: China, Russia & North Korea Launching Sophisticated, Espionage-Focused Cyberattacks
Even as a steady drumbeat of headlines keeps the world’s attention focused on cybercrimes, such as ransomware and cryptojacking, in the dark corners of the internet, attackers are busy refining their craft. According to the world’s top incident response IR professionals, cyberattackers are honing...
Operation Dragonfly Analysis Suggests Links to Earlier Attacks
ARCHIVED STORY Operation Dragonfly Analysis Suggests Links to Earlier Attacks By Trellix · December 17, 2017 On September 6, Symantec published details of the Dragonfly campaign, which targeted dozens of energy companies throughout 2017. This attack was effectively Dragonfly 2.0, an update to a...
ATMii: a small but effective ATM robber
While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list - Backdoor.Win32.ATMii...
Mobile Stock Trading App Providers Unresponsive to Glaring Vulnerabilities
More than 20 of the most popular mobile trading applications used by consumers and day-traders for securities transactions contain glaring vulnerabilities that could allow attackers to sniff personal data or steal money from accounts. Researchers from IOActive today published a report describing...