41 matches found
Canada Fines Cybercrime Friendly Cryptomus $176M
Financial regulators in Canada this week levied $176 million in fines against Cryptomus , a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada's anti money-laundering laws come ten months...
IBM Common Cryptographic Architecture Resource Management Error Vulnerability
IBM Common Cryptographic Architecture is a cryptographic platform from International Business Machines IBM. It provides a number of features to protect financial transactions. A resource management error vulnerability exists in IBM Common Cryptographic Architecture CCA versions 7.0.0 through 7.5....
The vulnerability of the software tool for processing and managing financial transactions conducted through the SWIFT international messaging system allows a perpetrator to disclose protected information or compromise the accessibility of that information, due to incorrect restrictions on XML links to external objects in the IBM Financial Transaction Manager for SWIFT Services.
The vulnerability of the software tool for processing and managing financial transactions conducted through the SWIFT messaging system is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to disclose protected...
Rounding Bug in OracleLibrary.consult Impacting Pricing Accuracy and User Costs
Lines of code Vulnerability details Impact The rounding bug in the OracleLibrary.consult function has a significant impact on applications that rely on this function for price calculations, especially those involving asset swaps, collateral valuation, or other financial transactions. The bug caus...
Fintech’s Crucial Role in Reducing Cyber Threats
By Owais Sultan Fintech can reduce cyber threats by implementing robust encryption and authentication measures, enhancing security protocols to safeguard financial transactions and customer data. This is a post from HackRead.com Read the original post: Fintech’s Crucial Role in Reducing Cyber...
How to protect your small business from social engineering
When Alvin Staffin received an email from his boss, he didn't question it. In the email, Gary Bragg, then-president of Pennsylvania law firm O'Neill, Bragg & Staffin, asked Staffin to wire $580,000 to a Bank of China account. Staffin, who was VP and in charge of banking, sent the money through as...
Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers
A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a...
Google Chrome Bug Lets Sites Silently Overwrite System Clipboard Content
A "major" security issue in the Google Chrome web browser, as well as Chromium-based alternatives, could allow malicious web pages to automatically overwrite clipboard content without requiring any user consent or interaction by simply visiting them. The clipboard poisoning attack is said to have...
Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise
An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud ODF. Other frequently targeted countries...
SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts
A server-side request forgery SSRF flaw in an API of a large financial technology fintech platform potentially could have compromised millions of bank customers, allowing attackers to defraud clients by controlling their bank accounts and funds, researchers have found. A team at Salt Security’s...
Kraden: Business Logic Flaw in the subscription of the app
Summary: Hello Security Team Business logic vulnerabilities are flaws in the design and implementation of an application that allow an attacker to elicit unintended behavior. This potentially enables attackers to manipulate legitimate functionality to achieve a malicious goal. Steps To Reproduce:...
New Android Malware Targeting Brazil's Itaú Unibanco Bank Customers
Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge. "This application has a similar icon and name that could trick...
Cumulative Update 26 for Microsoft Dynamics 365 Business Central April'19 on-premises (Application Build 14.27.47563, Platform Build 14.0.47540)
None None...
Microsoft Disrupts Large, Cloud-Based BEC Campaign
Threat hunters at Microsoft recently uncovered and disrupted infrastructure that powered a large-scale business email compromise BEC campaign. The infrastructure was hosted on multiple cloud platforms, which allowed it to stay under the radar for quite some time. “The attackers performed discrete...
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign
Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise BEC infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to...
Identifying the Person Behind Bitcoin Fog
The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of peoples bitcoins up so that it was hard to figure out where any individual coins came from. It ran for ten years. Identifying the person behind Bitcoin Fog serve...
QR Codes Offer Easy Cyberattack Avenues as Usage Spikes
The use of mobile quick-response QR codes in daily life, for both work and personal use, continues to rise – and yet, most people aren’t aware that these handy mobile shortcuts can open them up to savvy cyberattacks. That’s according to Ivanti, which carried out a survey of 4,157 consumers across...
Cayman Islands Bank Records Exposed in Open Azure Blob
A Cayman Island investment firm has removed years of backups, which up until recently were easily available online thanks to a misconfigured Microsoft Azure blob. The blob’s single URL led to vast stores of files including personal banking information, passport data and even online banking PINs —...
Online Holiday Shopping Scams
With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency CISA reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails purporting to be from...
A Light at the End of Liberty Reserve’s Demise?
In May 2013, the U.S. Justice Department seized Liberty Reserve, alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world. Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part o...