Managed Detection & Response for Financial Services

Data Breach Today

Phishing. These are among the top threats to financial institutions of all sizes. Ransomware. Credential stuffing. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response

New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks

HL Chronicle of Data Protection

Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. Increased Phishing and Fraud.


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Embracing new ways of working in financial services


Embracing new ways of working in financial services. In times of crisis, the preservation of key functions and services is critical, regardless of industry. Customer service. In a crisis like this, the financial welfare of many customers is seriously threatened.

Phishing Campaigns Target Senior Executives via Office 365

Data Breach Today

Top Victims Include Financial Services and Law Firms, Group-IB Warns A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB.

NY Department of Financial Services Issues Guidance to Regulated Entities Regarding Cybersecurity During the COVID-19 Pandemic

Hunton Privacy

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

Phishing Campaign Targets 200M Microsoft 365 Accounts

Dark Reading

A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom

SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing

The Last Watchdog

And yet, for all of its sophistication, Nobelium also engages in routine phishing campaigns to get a foothold in targeted organizations. Microsoft said it notified the targeted 150 organizations, which included “IT companies (57%), followed by government (20%), and smaller percentages for non-governmental organizations and think tanks, as well as financial services.”

'Hack-for-Hire' Groups Spoof WHO Emails to Steal Data

Data Breach Today

Google: Hackers Using COVID-19 Phishing Themes to Target Businesses "Hack-for-hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group

OnDemand | From Endpoint to Cloud: 2021 Best Practices for Securing a Data Path

Data Breach Today

50% of phishing attacks targeting financial services intend on stealing corporate login credentials View this session to learn why mobile threat exposures continue to increase & best practices for mitigating the threats

How Multi-factor Authentication Can Benefit Your Industry

Rocket Software

Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Benefits for Financial Services. Since the pandemic began in March, data hacks, including simple phishing attacks, have been on the rise.

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . PerSwaysion is a highly-targeted phishing campaign. PerSwaysion campaign is a series of Malware-as-a-Service-based operations.

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component. This is stunning: phishing attacks soared in 2018, rising 250% between January and December, according to Microsoft’s Security Intelligence Report.

Attackers Use Bots to Circumvent Some Two-Factor Authentication Systems

eSecurity Planet

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. OTP Interception Services Emerge.

Fake Microsoft Teams notifications aim at stealing Office365 logins

Security Affairs

Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. This tactic is employed in an attempt to bypass malicious link detection used by email protection services.”.

How Microsoft Word “Protected View” Stops Information Leaks


Someone engaging in spear phishing could employ Word-based web trackers to learn more about the type of desktop computer and operating system a target is using, helping the spear phisher tune his or her strategy for further attack. The most important action you can take is to maintain awareness and view all inbound emails and file attachments skeptically to avoid being phished. Make sure you use two-factor authentication for all services that offer them.

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.

IT 258

USAID Email Phishing Campaign Shows Supply Chain Threats Continue

eSecurity Planet

Agency for International Development (USAID) to launch phishing campaigns against a broad array of targets. In addition, the COVID-19 pandemic drove a rapid shift to remote work , which fueled the demand for more outside help and cloud services.

Report shows increase in social engineering

IT Governance

The report found that about 55% of social media attacks that impersonated customer-support accounts specifically targeted the customers of financial services companies. Dropbox was revealed as the top lure for phishing attacks. There were twice as many phishing messages sent using Dropbox compared to the next popular method. It is now more important than ever to train your staff on the risks of phishing attacks.

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

Prosecutors say the hackers were part of an effort to circumvent ongoing international financial sanctions against the North Korean regime. million in August 2020 from a financial services company based in New York. The U.S.

The Rise of One-Time Password Interception Bots

Krebs on Security

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. An ad for the OTP interception service/bot “SMSRanger.”

Ransomware Protection in 2021

eSecurity Planet

This includes active tagging of workloads, threat hunting , and virus assessments, and consistent evaluation of traffic for mission-critical applications, data, or services. Healthcare and financial services are the most attacked industries.

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. However, in the financial services industry, LFI attacks were the number one web application attack type in 2020 at 52 percent, with SQLi at 33 percent and Cross-Site Scripting at 9 percent.

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources.

The G7 expresses its concern over ransomware attacks

Security Affairs

Experts are observing a significant increase in the number of Ransomware attacks against hospitals, financial institutions, schools, and other critical infrastructure in G7 countries. “The G7 is committed to working with our financial sectors to combat ransomware.

IT 96

NYDFS settles cybersecurity regulation matter for $1.8 million

Data Protection Report

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 This matter began when insurance affiliate #1, licensed by NYDFS, discovered a phishing email in September of 2018.

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC learned that the threat actor likely gained access through a phishing email.

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

The Last Watchdog

When you have a victim that came from a phishing attack on the financial services industry for example, and then later you obtain that victim’s gaming details, if there is a match on email addresses, username, address, etc. Some of the credential stuffing attacks can be traced back to existing data breaches or phishing. You get an email, click the link, and you’re able to access the application or service.

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. Credential stuffing attacks involve botnets to try stolen login credentials usually obtained through phishing attacks and data breaches.

HTML Smuggling Techniques on the Rise: Microsoft

eSecurity Planet

Bad actors are increasingly using a technique called HTML smuggling to deliver ransomware and other malicious code in email campaigns aimed at financial services firms and other organizations, according to Microsoft researchers.

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Security Affairs

Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. Threat actors hosted the malicious payloads on, which is associated with Google Cloud Storage service. “In all of these cases, the malicious payload was hosted on, the domain of the Google Cloud Storage service that is used by countless companies.

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

Hunton Privacy

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

The compliance challenges of hybrid working

IT Governance

For example, financial services firms may be worried about employees breaching insider trading laws. For example, there are several phishing campaigns in which scammers replicate automated notifications of file shares to capture people’s login credentials.

DLA Piper Privacy Matters - Untitled Article

DLA Piper Privacy Matters

The largest amount of notifications were made in the following sectors: Healthcare (29%); Public administration (26%); Financial services (17%). The remaining 37% of the notifications concern lost personal data, such as through lost or stolen laptops, USB sticks, hacking, phishing or malware. NETHERLANDS: Dutch Data Protection Authority received record amount of data breach notifications in 2018.

Multi-Factor Authentication Best Practices & Solutions

eSecurity Planet

Many services now send alerts or require additional authentication when you log into their service from a new device. Banking, financial services, and insurance industries constitute the largest share of adopters, with North America leading adoption, according to Orbis Research.

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Security Affairs

comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more. Despite containing very sensitive financial data, the server was left open without any password protection or encryption.

Combat the increasing ransomware threat by educating employees

IT Governance

Healthcare was the most affected industry (76%) and financial services the least (45%). Our Phishing and Ransomware – Human patch e-learning course explains the threats that ransomware presents to organisations, and gives details of the resources available to help you understand and combat those threats. This ten-minute course provides an introduction to phishing and ransomware. We also offer a more detailed Phishing Staff Awareness Course.

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

Proofpoint analyzed two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. “On December 13, 2018, we observed another large ServHelper “downloader” campaign targeting retail and financial services customers.”

An ongoing Qbot campaign targeted customers of tens of US banks

Security Affairs

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. financial institutions and two banks in Canada and the Netherlands.

Google TAG report Q1 details about nation-state hacking and disinformation

Security Affairs

Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks.

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

In August, F-Secure Labs experts observed a spear-phishing campaign targeting an organization in the cryptocurrency industry. The attackers are attempting to exploit the need to install additional security software when South Korean users visit government or financial services websites. .