2015 and Financial Services - Information Management Today

JPMorgan Chase's Russian Hacker Pleads Guilty

Data Breach Today

SEPTEMBER 24, 2019

financial services firms and others from 2012 to mid-2015. Andrei Tyurin Stole Details of 83 Million Customers During Cybercrime Campaign Russian national Andrei Tyurin pleaded guilty to perpetrating massive hack attacks against leading U.S.

Financial Services

Integrated Communications & Technologies v.Hewlett-Packard Financial Services Company (D. Mass. Aug. 13, 2020)

eDiscovery Law

AUGUST 12, 2020

Key Insight: Spoliation had occurred, but no default judgment issued. Evidence regarding destruction was allowed, no testimony from plaintiffs regarding unpreserved ESI and adverse inference instruction. Nature of Case: Breach of Contract Electronic Data Involved: Emails and Computers Keywords: adverse inference, sanctions View Case Opinion.

Financial Services

Financial Services Computer and Electronics Communications Data preservation

EU Publishes New NIS2 Cyber Directive Imposing Liability and Obligations on Senior Management

Data Matters

JANUARY 19, 2023

trillion at the end of 2020 (double the figure of 2015) and continues to rise in the EU and globally notably due to ongoing geopolitical conflicts in Ukraine and Russia.

Financial Services

Financial Services Cybersecurity Ransomware Marketing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

The G7 expresses its concern over ransomware attacks

Security Affairs

OCTOBER 14, 2020

Not only can the financial costs be high, but the disruption to critical sectors, including financial services and healthcare, as well as the exposure of confidential information, can cause severe damage.” “The G7 is committed to working with our financial sectors to combat ransomware. Pierluigi Paganini.

Ransomware

Ransomware IT Financial Services Data Privacy

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe.

Financial Services

Financial Services Libraries Encryption Authentication

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Security Affairs

DECEMBER 26, 2018

Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. “Financial Services companies can expect to be the target of even more sophisticated malware and credential phishing attacks,”. ” Menlo Labs concludes.

Cloud

Cloud Financial Services Archiving Phishing

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. billion per month.

Insurance

Insurance Data breaches Financial Services Passwords

Corporate Finance firms leak 500K+ legal and financial documents online

Security Affairs

MARCH 17, 2020

Advantage and Argus seem to be the same company working under two different names, they offer funding and startup capital to business owners without access to traditional lending and financial services. “Furthermore, a leak like this may attract the attention of US financial and data security regulators.”

Financial Services

Financial Services Access Privacy Security

Oracle critical patch advisory addresses 284 flaws, 33 critical

Security Affairs

JANUARY 18, 2019

The bug affected the OCA’s Diameter Signalling Router component and its Communications Services Gatekeeper. The flaw also affected the Financial Services Analytical Applications Infrastructure, the Fusion Middleware MapViewer, and four three Oracle Retail components.

Financial Services

Financial Services Libraries Mining Retail

France and Germany will block Facebook’s Libra cryptocurrency

Security Affairs

SEPTEMBER 16, 2019

. “Unlike other cryptocurrencies , which are not controlled by a central authority, Libra will not be decentralised , but will be entrusted to a Swiss-based association of major technology and financial services companies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Financial Services

Financial Services Government IT Security

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Xchanging employs over 7,000 people worldwide and offers IT outsourcing, infrastructure including network managed services, software products and application management. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Securities and Exchange Commission (SEC). Pierluigi Paganini.

Ransomware

Ransomware Insurance Financial Services Manufacturing

Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

MARCH 23, 2020

Information about who registered Webtechnologiesletter.com is completely hidden behind privacy protection services. web-listingsinc.com 2015-11-06 ENOM, INC.,ENOM, weblistingsreports.net 2015-11-06 ENOM, INC.,ENOM, web-listingsinc.com 2015-11-06 ENOM, INC.,ENOM, weblistingsreports.net 2015-11-06 ENOM, INC.,ENOM,

Sales

Sales Marketing Financial Services IT

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the report published by the experts. Pierluigi Paganini.

Marketing

Marketing Passwords Financial Services Access

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

“Making it easy for people to pay for things online while improving security has been the vision of our working group since we started in 2015,” said Working Group co-Chair Nick Telford-Reed. ” Secure Payment Confirmation Secure Payment Confirmation adds a “user consent layer” above Web Authentication.

Authentication

Authentication Communications Financial Services Retail

Stock trading service Robinhood stored passwords in plaintext for some users

Security Affairs

JULY 25, 2019

Robinhood confirmed to have addressed the issue and the good news for the impacted users is that the financial service hasn’t found evidence that the passwords were accessed by anyone outside its response team. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords Financial Services Access Security

NY Attorney General Announces Record Number of Data Breach Notices in 2016

Hunton Privacy

MARCH 23, 2017

On March 21, 2017, New York Attorney General Eric Schneiderman announced that the New York Office of the Attorney General received over 1,300 data breach notifications in 2016, a 60 percent increase from 2015. The reported breaches led to the exposure of personal information of 1.6 million New York residents.

Data breaches

Data breaches Financial Services Cybersecurity Security

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare

Healthcare Financial Services Communications Security

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. “On December 13, 2018, we observed another large ServHelper “downloader” campaign targeting retail and financial services customers.”

IT

IT Financial Services Retail Ransomware

Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild

Security Affairs

FEBRUARY 26, 2019

Hackers targeted dozens of Imperva’s customers, including organizations in the government and financial services sectors. “We’ve found dozens of attack attempts aimed at dozens of websites that belong to our customers using this exploit, including sites in government and the financial services industry.”

Financial Services

Financial Services CMS Government Security

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Security Affairs

MARCH 19, 2020

.” The module appears to be under development, but experts pointed out that threat actors already used it to target organizations, mostly in telecoms, education, and financial services sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Financial Services

Financial Services Education Communications IT

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

.” PIONEER KITTEN hackers to date have focused their attacks against entities in North American and Israeli, while targeted sectors include technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail. .

Access

Access Financial Services Retail Insurance

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

JANUARY 5, 2020

Synoptek has more than 1,100 customers across multiple industries, including local governments, financial services, healthcare, manufacturing, media, retail and software. . ” T he IT service provider confirmed the attack but did not comment on whether it paid the ransom asked by the crooks. Pierluigi Paganini.

IT

IT Ransomware Financial Services Retail

Hackers stole $32 million from Bitpoint cryptocurrency exchange

Security Affairs

JULY 12, 2019

“The hacks have prompted greater oversight of crypto exchanges by Japan’s Financial Services Agency but critics says security gaps remain.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the AFP press.

Financial Services

Financial Services Security IT Data breaches

Critical RCE affects older Diebold Nixdorf ATMs

Security Affairs

JUNE 9, 2019

The focused their analysis on the Spiservice service listening on post 8043. “Look at the output of command, there is a service (Spiservice) which running on port 8043. The SpiService.exe is associated with XFS, the Extension for Financial Services DLL library (MSXFS.dll) that is specifically used by ATMs.”

Libraries

Libraries Communications Financial Services Risk

Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack

Security Affairs

OCTOBER 15, 2019

The Pitney Bowes company announced that a ransomware attack infected its systems and cause a partial system outage that made some of its service unavailable for some customers. Pitney Bowes is a global technology company that provides commerce solutions in the areas of ecommerce, shipping, mailing, data and financial services.

Ransomware

Ransomware Financial Services Access Encryption

Tianfu Cup PWN hacking contest – White hat hackers earn $1 Million for Zero-Day exploits

Security Affairs

NOVEMBER 19, 2018

Other participants were teams from universities, Tencent, financial service provider Ant Financial, and independent researchers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. According to organizers, hackers earned $1,024,000 for a total of 30 vulnerabilities. Pierluigi Paganini.

Financial Services

Financial Services Cybersecurity Security

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Secret Service determined that he ran a massive “money mule” scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States. BOTNET, THE MOVIE In 2015, Kovalev reportedly began filming a movie in Russia about cybercrime called “ Botnet.”

Ransomware

Ransomware Government Cybersecurity Blockchain

Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange

Security Affairs

SEPTEMBER 20, 2018

“Documents seen by Reuters on Thursday showed Japan’s Financial Services Agency would conduct emergency checks on cryptocurrency exchange operators’ management of customer assets, following the theft. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the Reuters.

Financial Services

Financial Services Retail Security IT

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Security Affairs

APRIL 10, 2019

Update to security note release on January 2019 Patch Day: [ CVE-2018-2484 ] Missing Authorization check in SAP Enterprise Financial Services. SAP also addressed an XXE bug in SLD Registration of NetWeaver and ABAP Platform (CVE-2019-0265), and a missing authorization check in Enterprise Financial Services (CVE-2018-2484).

Security

Security Financial Services Risk Access

An ongoing Qbot campaign targeted customers of tens of US banks

Security Affairs

JUNE 18, 2020

link] [link] [link] associated with financial services to capture credentials. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The attackers then use the always-running explorer.exe process to update Qbot from their external command-and-control server. Pierluigi Paganini.

Phishing

Phishing Financial Services Personal data Security

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The attackers are attempting to exploit the need to install additional security software when South Korean users visit government or financial services websites. .

Financial Services

Financial Services Phishing Government Security

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

This action will result in protection for a wide range of organizations, including financial services institutions, government, healthcare, and other verticals from malware and human-operated campaigns delivered via the Trickbot infrastructure.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Financial Services Ransomware Access

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Security Affairs

MAY 15, 2019

Five Security Notes included in SAP Security Patch Day for May 2019 addressed missing authorization checks in SAP products, including Treasury and Risk Management, Solution Manager and ABAP managed systems, dbpool administration, and Enterprise Financial Services. . ” reads a blog post published by SAP security firm Onapsis.

Security

Security Financial Services Risk IT

New Trickbot module implements Remote App Credential-Grabbing features

Security Affairs

FEBRUARY 18, 2019

The new variant is being spread via spam emails that pose as tax-incentive notification purporting to be from the financial services company Deloitte. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The new strain of the Trickbot banking trojan that a updated info-stealing module.

Passwords

Passwords Financial Services Encryption Authentication

Why I believe the Blockchain will transform Government

CGI

DECEMBER 11, 2015

Fri, 12/11/2015 - 04:23. You may not yet have come across the Blockchain but it is making waves within the financial services community and is heralded as one of the most significant advances in technology for a generation. Why I believe the Blockchain will transform Government. ravi.kumarv@cgi.com.

Blockchain

Blockchain Government Financial Services Access

Mastercard data breach affected Priceless Specials loyalty program

Security Affairs

AUGUST 23, 2019

The American multinational financial services corporation noti f ied the data breach to the German and Belgian Data Protection Authorities. ” Impacted customers have been notified about the data leak, MasterCard will offer them one-year free credit monitoring and identity theft prevention service. Pierluigi Paganini.

Data breaches

Data breaches Financial Services Passwords Security

Senate Passes Cybersecurity Information Sharing Act

Hunton Privacy

OCTOBER 28, 2015

On October 27, 2015, the U.S. 754 – Cybersecurity Information Sharing Act of 2015 (“CISA”) by a vote of 74 to 21. The Securities Industry and Financial Markets Association’s President and CEO Kenneth E. 1731, the National Cybersecurity Protection Advancement Act of 2015 and H.R. Senate passed S.754 Bentsen Jr.

Cybersecurity

Cybersecurity Privacy Financial Services Government

Pitney Bowes revealed that its systems were infected with Ryuk Ransomware

Security Affairs

OCTOBER 18, 2019

The global shipping and mailing services company Pitney Bowes recently suffered a partial outage of its service caused by a ransomware attack. Pitney Bowes is a global technology company that provides commerce solutions in the areas of ecommerce , shipping, mailing, data and financial services. Pierluigi Paganini.

Ransomware

Ransomware IT Financial Services Access

Malware researchers analyzed an intriguing Java ATM Malware

Security Affairs

JULY 30, 2019

Experts spotted a Java ATM malware that was relying on the XFS (EXtension for Financial Service) API to “ jackpot ” the infected machine. In that case, the malware was relying on the XFS (EXtension for Financial Service) API to “ jackpot ” the infected machine. Introduction. Pierluigi Paganini.

Financial Services

Financial Services Communications Access IT

FCC Seeks to Refresh the TCPA Record

HL Chronicle of Data Protection

MAY 21, 2018

Circuit struck down the FCC’s 2015 interpretation of the definition of “automatic telephone dialing system” (autodialer) as overly broad, arbitrarily vague, and “utterly unreasonable.” FCC , the Federal Communications Commission is going back to the drawing board in a new Public Notice that seeks comment on foundational TCPA issues.

Communications

Communications Financial Services Privacy Government

Akamai Report: Credential stuffing attacks are a growing threat

Security Affairs

SEPTEMBER 25, 2018

In another attack, a large financial services institution received over 350,000 login attempts in just one afternoon. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Most of the credential stuffing attacks were originated in the US (2.82 billion attempts), followed by Russia (1.55

Passwords

Passwords Data breaches Financial Services Retail

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

. “Consider contacting CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration. Once you’ve registered, you should be aware that CIFAS members will do extra checks to see when anyone, including you, applies for a financial service, such as a loan, using your address.” Pierluigi Paganini.

Ransomware

Ransomware Data breaches Encryption Financial Services

Air Canada data breach – 20,000 users of its mobile app affected

Security Affairs

AUGUST 30, 2018

As a best practice, customers should always monitor their transactions and credit rating carefully and contact their financial services provider immediately if they become aware of any unusual or unauthorized activities.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches IT Passwords Financial Services

Indonesia Publishes Proposed Data Protection Rule

Hunton Privacy

JULY 17, 2015

On July 14, 2015, pursuant to an implementation requirement of Government Regulation 82 of 2012, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems (“Proposed Regulation”).

Personal data

Personal data Archiving Financial Services Communications

JPMorgan Chase's Russian Hacker Pleads Guilty

Integrated Communications & Technologies v.Hewlett-Packard Financial Services Company (D. Mass. Aug. 13, 2020)

Webinars

Trending Sources

EU Publishes New NIS2 Cyber Directive Imposing Liability and Obligations on Senior Management

Webinars

The G7 expresses its concern over ransomware attacks

EventBot, a new Android mobile targets financial institutions across Europe

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

American Insurance firm State Farm victim of credential stuffing attacks

Corporate Finance firms leak 500K+ legal and financial documents online

Oracle critical patch advisory addresses 284 flaws, 33 critical

France and Germany will block Facebook’s Libra cryptocurrency

Ransomware infected systems at Xchanging, a DXC subsidiary

Who’s Behind the ‘Web Listings’ Mail Scam?

15 billion credentials available in the cybercrime marketplaces

News Alert: W3C advances technology to streamline payment authentication

Stock trading service Robinhood stored passwords in plaintext for some users

NY Attorney General Announces Record Number of Data Breach Notices in 2016

Hundreds of malicious Chrome browser extensions used to spy on you!

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Iran-linked APT group Pioneer Kitten sells access to hacked networks

California IT service provider Synoptek pays ransom after Sodinokibi attack

Hackers stole $32 million from Bitpoint cryptocurrency exchange

Critical RCE affects older Diebold Nixdorf ATMs

Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack

Tianfu Cup PWN hacking contest – White hat hackers earn $1 Million for Zero-Day exploits

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

An ongoing Qbot campaign targeted customers of tens of US banks

Lazarus malware delivered to South Korean users via supply chain attacks

Microsoft partnered with other security firms to takedown TrickBot botnet

SAP Security Patch Day for May 2019 fixes many missing authorization checks

New Trickbot module implements Remote App Credential-Grabbing features

Why I believe the Blockchain will transform Government

Mastercard data breach affected Priceless Specials loyalty program

Senate Passes Cybersecurity Information Sharing Act

Pitney Bowes revealed that its systems were infected with Ryuk Ransomware

Malware researchers analyzed an intriguing Java ATM Malware

FCC Seeks to Refresh the TCPA Record

Akamai Report: Credential stuffing attacks are a growing threat

Maze ransomware gang discloses data from drug testing firm HMR

Air Canada data breach – 20,000 users of its mobile app affected

Indonesia Publishes Proposed Data Protection Rule

Stay Connected