Analysis, Financial Services, Groups and Security

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. Members of the Trickbot Group publicly gloated over the ease of targeting the medical facilities and the speed with which the ransoms were paid to the group.”

Ransomware

Ransomware Government Cybersecurity Blockchain

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

DECEMBER 10, 2020

In 2019, TSYS was acquired by financial services firm Global Payments Inc. Conti is one of several cybercriminal groups that maintains a blog which publishes data stolen from victims in a bid to force the negotiation of ransom payments. .” NYSE:GPN ]. ” TSYS declined to say whether it paid any ransom.

Ransomware

Ransomware Financial Services Access IT

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Security Affairs

DECEMBER 15, 2023

Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms.

Ransomware

Ransomware Financial Services Cybersecurity Passwords

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Artificial Intelligence

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. Recent U.S.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. ” reads the analysis published by Proofpoint. ” reads the analysis published by Proofpoint.

IT

IT Financial Services Retail Ransomware

BlackCocaine Ransomware, a new malware in the threat landscape

Security Affairs

JUNE 5, 2021

Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. The company reported the security breach to the Bombay Stock Exchange (BSE) and the National Stock Exchange of India (NSEI). Pierluigi Paganini.

Ransomware

Ransomware Encryption File names Financial Services

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Some patients also had their Social Security numbers exposed.” Welcome to this week’s round-up of the biggest and most interesting news stories. Approximately 1.3 Records breached: 1.3

Data Privacy

Data Privacy Privacy Security Data breaches

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. organizations since 2020.

Ransomware

Ransomware Cybersecurity Agriculture Education

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Security Affairs

APRIL 10, 2019

SAP released the April 2019 Security Patch Day that is included 6 Security Notes, two of which address High severity flaws in Crystal Reports and NetWeaver. SAP released 6 Security Notes as part of the April 2019 Security Patch Day, two of which address High severity flaws in Crystal Reports and NetWeaver.

Security

Security Financial Services Risk Access

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups.

Ransomware

Ransomware Encryption Financial Services Cybersecurity

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance

Insurance Data breaches Financial Services Passwords

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Agent Tesla , first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from its operators’ targets. Follow me on Twitter: @securityaffairs and Facebook.

Financial Services

Financial Services Retail Education Information Security

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

AUGUST 31, 2021

The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows PetitPotam vulnerabilities to take over Windows domains. The ransom note is an HTML Application (HTA) file (e.g., LOCKFILE-README-[hostname]-[id].hta’)

Encryption

Encryption Ransomware Financial Services Manufacturing

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Date breached: 384,658,212 records. North Hill Home Health Care, Inc.,

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates. . Security experts from ESET reported that North-Korea-linked Lazarus APT (aka HIDDEN COBRA ) is behind cyber campaigns targeting South Korean supply chains.

Financial Services

Financial Services Phishing Government Security

The largest Russian bank Sberbank hit by a massive DDoS attack

Security Affairs

NOVEMBER 9, 2023

Sberbank , the Russian banking and financial services giant, announced that it was recently hit by a record-breaking distributed denial of service (DDoS) attack that reached 1 million RPS. Then it did not affect the availability of bank services. reads the post published by Google.

Personal data

Personal data Financial Services Marketing Cloud

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Security Affairs

MAY 10, 2022

Frappo” is actively advertised in the Dark Web and on Telegram where it has a group with over 1,965 active members – there cybercriminals discuss how successful they’ve been at attacking the customers of various online services. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing

Phishing Retail Financial Services Data breaches

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Affairs

SEPTEMBER 10, 2018

Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. The APT group has been active since at least 2010, the crew targeted U.S. defense contractors and financial services firms worldwide. ” concludes Kaspersky.

Communications

Communications Financial Services Phishing Encryption

Critical RCE affects older Diebold Nixdorf ATMs

Security Affairs

JUNE 9, 2019

Automated teller machine vendor Diebold Nixdorf has released security updates to address a remote code execution vulnerability in older ATMs. Diebold Nixdorf discovered a remote code execution vulnerability in older ATMs and is urging its customers in installing security updates it has released to address the flaw. Pierluigi Paganini.

Libraries

Libraries Communications Financial Services Risk

Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

MARCH 1, 2019

Experts analyzed tools and intrusion methods used by the China-linked cyber-espionage group Emissary Panda in attacks over the past 2 years. The Emissary Panda APT (aka LuckyMouse , APT27, Threat Group 3390, and Bronze Union) has been active since 2010, targeted organizations worldwide, including U.S. ” continues the analysis.

IT

IT File names Financial Services Communications

New Trickbot module implements Remote App Credential-Grabbing features

Security Affairs

FEBRUARY 18, 2019

The new variant is being spread via spam emails that pose as tax-incentive notification purporting to be from the financial services company Deloitte. ” concludes the analysis. The post New Trickbot module implements Remote App Credential-Grabbing features appeared first on Security Affairs. Pierluigi Paganini.

Passwords

Passwords Financial Services Encryption Authentication

“Cryptoassets are here to stay”: EU Authorities to Provide Guidance on Cryptocurrencies and ICOs

Data Matters

SEPTEMBER 12, 2018

As part of the public discussion, the Commission, the European Securities and Markets Authority (ESMA), the European Banking Authority (EBA) and the UK Financial Conduct Authority (FCA) were present to provide their thoughts. Firms interested in cryptoassets should watch for EU regulatory guidance later this year.

Financial Services

Financial Services Marketing Privacy IT

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

AIIM

OCTOBER 15, 2018

Hence the concept of electronic identification and trust services ( eIDAS ) as defined in EU regulation 910/2014 is centered around trust and security and certificate-based signing. Go for a holistic four-dimensional requirements analysis. Millennials or Generation X).

Compliance

Compliance Insurance Digital transformation Authentication

Malware researchers analyzed an intriguing Java ATM Malware

Security Affairs

JULY 30, 2019

Experts spotted a Java ATM malware that was relying on the XFS (EXtension for Financial Service) API to “ jackpot ” the infected machine. In that case, the malware was relying on the XFS (EXtension for Financial Service) API to “ jackpot ” the infected machine. Security Affairs – Java ATM malware, hacking).

Financial Services

Financial Services Communications Access IT

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . ybercriminals behind the PerSwaysion campaign gained access to many confidential corporate MS Office365 emails of mainly financial service companies, law firms, and real estate groups.

Phishing

Phishing Financial Services Cloud Authentication

IBM teams up with organizations on AI incubator for social impact

IBM Big Data Hub

MARCH 2, 2022

Alabama Appleseed is a public policy and direct service organization based in Montgomery and Birmingham that uses policy analysis, original research, public education, and community organizing to build a more just and equitable Alabama.

Data science

Data science Analytics Education Financial Services

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

SEPTEMBER 4, 2019

Securities and Exchange Commission on June 5, 2019, broker-dealers and associated persons are required to act in the best interest of a retail customer when recommending a securities transaction or investment strategy involving securities to a retail customer.

Insurance

Insurance Paper Risk Analytics

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

FEBRUARY 25, 2021

This follows the FCA’s announcement in its 2020-21 business plan that payment services were one of its main supervisory priorities 1 and its temporary guidance of July 9, 2020, on prudential risk management and safeguarding in light of the COVID-19 pandemic ( Temporary COVID Guidance ). Transaction risk analysis.

Authentication

Authentication Paper Risk Insurance

FRANCE: CNIL adopts new single authorization on fraud prevention systems

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

Pursuant to several provisions of the French Code Monétaire et Financier , entities from the banking and financial sector are required to implement processes and strategies to detect, measure and manage operational risks within their group (on a consolidated basis).

Personal data

Personal data Financial Services Risk Insurance

Was RI Advice a watershed for cybersecurity law in Australia or a damp squib?

Data Protection Report

MAY 25, 2022

In this article we distil critical lessons from the Federal Court’s recent decision in Australian Securities and Investments Commission v RI Advice Group Pty Ltd [1] and practical actions to be taken by Boards and executive management. Introduction.

Cybersecurity

Cybersecurity Risk Financial Services Retail

How ATB Financial drives agile data ops with Collibra and GCP

Collibra

MARCH 23, 2021

ATB Financial provides a diversified set of financial services to more than 770,000 residents of Alberta, Canada. Being a regionally focused institution, the group is dedicated to knowing its customers intimately, understanding their needs and providing products and services that help them achieve their goals.

Cloud

Cloud Government Access Metadata

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware

Ransomware Encryption Insurance Cloud

Best Managed Security Service Providers (MSSPs)

eSecurity Planet

JANUARY 27, 2022

As threats mount from ransomware gangs , Russian-backed hacker groups , and other nation-sponsored attackers and as the growth in remote work makes security management increasingly complicated, many companies are finding it makes sense to turn to a managed security service provider (MSSP) for help with handling an extremely complex threat landscape.

Security

Security Cloud Compliance Analytics

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

Data Matters

NOVEMBER 2, 2021

We will also discuss a developing range of services referred to as digital asset “prime brokerage” — describing the suite of services typically provided by these prime brokers and comparing them to traditional offerings of prime brokers in the securities space. CME Futures on Bitcoin and Ethereum.

Blockchain

Blockchain Marketing Access Risk

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

DLA Piper Privacy Matters

MARCH 30, 2023

Our analysis of the Meta (Instagram) decision can be read here. The case was taken after SIPTU (a trade union) inadvertently sent an email with the names and addresses of claimants to a group of other SIPTU members.

Personal data

Personal data GDPR Compliance Financial Services

Infosource Global Capture & IDP Vertical Market Analysis 2022-2023 Update

Info Source

DECEMBER 8, 2023

In our vertical market sizing and analysis, we cover horizontal use cases e.g., accounting, HR management, as well as vertical specific use cases e.g., bank account opening, mortgage processing and insurance claims processing. grade schools), is the second largest group of verticals.

Marketing

Marketing Customer Experience Energy and Utilities Digital transformation

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

In the middle of September, the FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warned that nation-state APT groups were actively exploiting the CVE-2021-40539 flaw. ” reads the analysis published by Palo Alto Networks. ” continues the analysis. “As early as Sept.

Communications

Communications Blockchain Passwords Financial Services

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Data breached: more than 59 million data records.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Source 1 ; source 2 (Update) Professional services USA Yes 56,457 Highlands Oncology Group Source 1 ; source 2 ; source 3 (Update) Healthcare USA Yes 55,297 Charm Sciences, Inc.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C.

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Source (New) Cyber security India Yes 54 GB Arden Claims Service Source (New) Finance USA Yes 50,032 Ashford Inc. VF Corporation confirms 35.5 million customers’ data.

Data Privacy

Data Privacy Privacy Manufacturing Retail

Google TAG report Q1 details about nation-state hacking and disinformation

Security Affairs

MAY 28, 2020

Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. The Google TAG also investigated groups that have also engaged in coordinated social and political influence campaigns. Pierluigi Paganini.

Financial Services

Financial Services Government Phishing Marketing

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Webinars

Trending Sources

Unmasking 2024’s Email Security Landscape

Webinars

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Resecurity Released a 2024 Cyber Threat Landscape Forecast

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

BlackCocaine Ransomware, a new malware in the threat landscape

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

Cybersecurity agencies published a joint LockBit ransomware advisory

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Experts linked ransomware attacks to China-linked APT27

American Insurance firm State Farm victim of credential stuffing attacks

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

LockFile Ransomware uses a new intermittent encryption technique

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

Lazarus malware delivered to South Korean users via supply chain attacks

The largest Russian bank Sberbank hit by a massive DDoS attack

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Critical RCE affects older Diebold Nixdorf ATMs

Emissary Panda updated its weapons for attacks in the past 2 years

New Trickbot module implements Remote App Credential-Grabbing features

“Cryptoassets are here to stay”: EU Authorities to Provide Guidance on Cryptocurrencies and ICOs

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

Malware researchers analyzed an intriguing Java ATM Malware

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

IBM teams up with organizations on AI incubator for social impact

Regulatory Update: NAIC Summer 2019 National Meeting

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

FRANCE: CNIL adopts new single authorization on fraud prevention systems

Was RI Advice a watershed for cybersecurity law in Australia or a damp squib?

How ATB Financial drives agile data ops with Collibra and GCP

Ransomware Protection in 2021

Best Managed Security Service Providers (MSSPs)

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

Infosource Global Capture & IDP Vertical Market Analysis 2022-2023 Update

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

Google TAG report Q1 details about nation-state hacking and disinformation

Stay Connected