2018 and Financial Services - Information Management Today

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

DECEMBER 10, 2020

TSYS provides payment processing services, merchant services and other payment solutions, including prepaid debit cards and payroll cards. In 2019, TSYS was acquired by financial services firm Global Payments Inc. NYSE:GPN ]. “We immediately contained the suspicious activity and the business is operating normally.”

Ransomware

Ransomware Financial Services Access IT

September 2018 Security Notes address a total of 14 flaws in SAP products

Security Affairs

SEPTEMBER 12, 2018

SAP today just released the September 2018 set of Security Notes that address a total of 14 flaws in its products, including a critical flaw in SAP Business Client. The September 2018 Security Patch Day includes other 13 Security Notes, three were rated High severity, 9 Medium risk, and 1 Low severity. 2.0 ( CVE-2018-2465).

Security

Security Financial Services Libraries Authentication

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

According to a filing (PDF) by the New York State Department of Financial Services (DFS), the weakness that exposed the documents was first introduced during an application software update in May 2014 and went undetected for years.

Insurance

Insurance Financial Services Mining Access

Webinars

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. billion per month.

Insurance

Insurance Data breaches Financial Services Passwords

Corporate Finance firms leak 500K+ legal and financial documents online

Security Affairs

MARCH 17, 2020

The application was launched in January 2018, but it is currently no longer available for download. Advantage and Argus seem to be the same company working under two different names, they offer funding and startup capital to business owners without access to traditional lending and financial services.

Financial Services

Financial Services Access Privacy Security

Oracle critical patch advisory addresses 284 flaws, 33 critical

Security Affairs

JANUARY 18, 2019

The bug affected the OCA’s Diameter Signalling Router component and its Communications Services Gatekeeper. The flaw also affected the Financial Services Analytical Applications Infrastructure, the Fusion Middleware MapViewer, and four three Oracle Retail components. ” reads the d escription provided by.

Financial Services

Financial Services Libraries Mining Retail

OpenText STP Financial Hub revolutionizes workflows in the Financial Services sector

OpenText Information Management

OCTOBER 24, 2018

It’s been a busy 2018 here on our OpenText™ Straight Through Processing (STP) for Securities (STP Financial Hub) platform, with many new clients discovering the benefits of our powerful workflow engine and flexible connectivity methods, along with our constant improvement and enhancement process for our existing clients.

Financial Services

Financial Services Security Digital transformation B2B

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Security Affairs

APRIL 10, 2019

Update to security note release on January 2019 Patch Day: [ CVE-2018-2484 ] Missing Authorization check in SAP Enterprise Financial Services. SAP also addressed an XXE bug in SLD Registration of NetWeaver and ABAP Platform (CVE-2019-0265), and a missing authorization check in Enterprise Financial Services (CVE-2018-2484).

Security

Security Financial Services Risk Access

Mysterious custom malware used to steal 1.2TB of data from million PCs

Security Affairs

JUNE 11, 2021

million Windows systems between 2018 and 2020. The software includes illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.” million unique email addresses, NordLocker found, for an array of different apps and services. terabyte of stolen data. The database includes 6.6 million computers.

Computer and Electronics

Computer and Electronics Archiving Encryption Passwords

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

“In November 2018, TA505 , a prolific actor that has been at the forefront of this trend, began distributing a new backdoor we named “ServHelper”. “On December 13, 2018, we observed another large ServHelper “downloader” campaign targeting retail and financial services customers.” WIZ documents.

IT

IT Financial Services Ransomware Retail

Financial Services Data – More at risk than you’d believe

Thales Cloud Protection & Licensing

DECEMBER 5, 2018

One of the top findings from the 2018 Thales Data Threat Report, Financial Services Edition was that data breaches in U.S. financial services organizations are increasing at an alarming rate. Not only are breaches at record highs – with 65% of U.S. Does your organization need some of that?

Financial Services

Financial Services Risk Digital transformation Data breaches

SEC announces sanctions against entities over email account hacking

Security Affairs

SEPTEMBER 1, 2021

The sanctioned entities are Cetera (Advisor Networks, Investment Services, Financial Specialists, Advisors, and Investment Advisers), Cambridge Investment Research (Investment Research and Investment Research Advisors), and KMS Financial Services.

Financial Services

Financial Services Cybersecurity Security Cloud

Digital transformation in Financial Services requires a rethink of identity management

OpenText Information Management

FEBRUARY 13, 2018

The recent Gartner’s 2018 CIO Agenda Survey found that digital transformation is more important for banking than any other industry sector. The CIOs talked about enabling technologies such as AI, APIs and analytics.

Digital transformation

Digital transformation Financial Services Analytics

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

Security Affairs

NOVEMBER 17, 2019

Chinese white hat hackers have a long story of success, they won several international hacking contests in the past, but in 2018 the Chinese government prohibited Chinese experts in participating this kind of competition abroad. Since the decision of the Chinese Government, the TianfuCup was set up for the first time in the fall of 2018.

Financial Services

Financial Services Government Security Cybersecurity

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

” PIONEER KITTEN hackers to date have focused their attacks against entities in North American and Israeli, while targeted sectors include technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail. .

Access

Access Financial Services Retail Insurance

Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites

Security Affairs

MAY 24, 2023

Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. The expert spotted the Iranian group in 2018, but they speculate that it has been active for a longer time.

Financial Services

Financial Services Security Cybersecurity IT

Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

MARCH 1, 2019

defense contractors , financial services firms, and a national data center in Central Asia. “In 2018, CTU researchers identified evidence of BRONZE UNION leveraging tools that have been publicly available for years. However, the variants used in 2018 included updated code.”

IT

IT File names Financial Services Communications

Tianfu Cup PWN hacking contest – White hat hackers earn $1 Million for Zero-Day exploits

Security Affairs

NOVEMBER 19, 2018

Other participants were teams from universities, Tencent, financial service provider Ant Financial, and independent researchers. Recently participants to another contest, the Zero Day Initiative’s Pwn2Own Tokyo 2018 earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones.

Financial Services

Financial Services Cybersecurity Security

New York State Department of Financial Services Challenges OCC Authority on Fintech Charters

Data Matters

SEPTEMBER 20, 2018

On July 31, 2018, the U.S. Office of the Comptroller of the Currency (OCC) announced its decision (the Fintech Charter Decision) to begin accepting applications from financial technology (fintech) companies for special purpose national bank charters. DFS’s September 14, 2018 Complaint. Prior OCC Publications.

Financial Services

Financial Services Paper Marketing Privacy

Missing the GDPR deadline of May 2018: And then what?

Data Protector

AUGUST 19, 2017

As May 2018 looms, I’m aware of a growing number of companies that are seeking help with their GDPR compliance obligations. While it contains standards that many responsible organisations would wish to aim for, I have no idea how many organisations within Europe really will be fully compliant by May 2018.

GDPR

GDPR Compliance Records Management Financial Services

Akamai Report: Credential stuffing attacks are a growing threat

Security Affairs

SEPTEMBER 25, 2018

Billion malicious login attempts from bots in May and June, an overall number of 30 billion malicious logins were observed between November 2017 and June 2018, an average of 3.75 In another attack, a large financial services institution received over 350,000 login attempts in just one afternoon. The experts detected 8.3

Passwords

Passwords Data breaches Financial Services Retail

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services

Financial Services Cybersecurity Compliance Insurance

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

However, documents from New York financial regulators show First American was unable to determine whether records were accessed prior to Jun 2018 (one year prior to fixing the weakness). According to the FBI, BEC scams are the most costly form of cybercrime today.

Insurance

Insurance Risk Financial Services Mining

Air Canada data breach – 20,000 users of its mobile app affected

Security Affairs

AUGUST 30, 2018

22-24, 2018, it added that financial data was protected but invited to remain vigilant for fraudulent credit card transactions. 22-24, 2018. The news was confirmed by Air Canada that revealed to have detected unusual login behaviour with Air Canada’s mobile App between Aug.

Data breaches

Data breaches IT Passwords Financial Services

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Affairs

SEPTEMBER 10, 2018

defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab have observed an attack powered by the Chinese APT group, the experts speculate the campaign was started in the fall of 2017. The APT group has been active since at least 2010, the crew targeted U.S.

Communications

Communications Financial Services Government Phishing

Credit Union Sues Fintech Giant Fiserv Over Security Claims

Krebs on Security

MAY 3, 2019

A Pennsylvania credit union is suing financial industry technology giant Fiserv , alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. Brookfield, Wisc. based Fiserv [ NASDAQ:FISV ] is a Fortune 500 company with 24,000 employees and $5.8

Security

Security Passwords Financial Services Sales

Customer experience in Financial Services

OpenText Information Management

JUNE 6, 2018

In a recent blog, I wrote about the increasing prominence of AI in financial services. It’s a hot topic that’s topping the agenda of most financial … The post Customer experience in Financial Services appeared first on OpenText Blogs. The other session I’ll be holding is around customer experience.

Customer Experience

Customer Experience Financial Services Analytics

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. The post New York Department of Financial Services Issues First Guidance by a U.S. Issuance of the Framework is notable as it represents the first official guidance by a U.S. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Sophisticated cyber attacks are biggest technology concern in 2018

IT Governance

JANUARY 10, 2018

New report reveals technology concerns for financial and public sectors in 2018. In 2018, organisations are looking at ‘when’ they will be attacked, not ‘if’. According to a recent study from Invotra , the financial services industry and the public sector both fear sophisticated, harmful cyber threats in 2018.

Customer Experience

Customer Experience Financial Services GDPR Phishing

4 Industries That Have to Fight the Hardest Against Cyberattacks

Security Affairs

DECEMBER 4, 2018

There are also instances of hospitals being unable to perform fundamental services. In November 2018, a ransomware attack forced two hospitals to send ambulances elsewhere and only accept walk-up patients to the emergency rooms. Financial Services.

Retail

Retail Cybersecurity Data breaches Risk

Global: Data Privacy Snapshot 2018

DLA Piper Privacy Matters

FEBRUARY 1, 2018

Data protection is rising on the agenda globally: the past year has seen China introduce the PRC Cybersecurity Law, the introduction of Australia’s mandatory Privacy Amendment (Notifiable Data Breaches) Act 2017, while the EU’s long awaited General Data Protection Regulation is due to come in to force in May 2018.

Data Privacy

Data Privacy Privacy Financial Services Data breaches

SHARED INTEL: How attacks on web, mobile apps are being fueled by rising API vulnerabilities

The Last Watchdog

APRIL 7, 2020

Zoosk doesn’t want to block their customers from trying to find a mate; neither does a financial services firm or a retailer want to unnecessarily block a transaction and create customer dissatisfaction. “So

Digital transformation

Digital transformation Financial Services Marketing Retail

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

We expect each of these trends to continue in 2018. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Data breach litigation risks.

Privacy

Privacy Cybersecurity Data breaches GDPR

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

The Last Watchdog

SEPTEMBER 21, 2018

We met at Black Hat USA 2018. That include longstanding standards such as health records rules, under HIPAA, and payment card security rules, under PCI DSS, and fresh rules under Europe’s revised GDPR data privacy mandate and New York State’s cyber certification rules for financial services companies.

Cloud

Cloud Security Mining Financial Services

SEC Charges Investment Advisers and Broker-Dealers with Deficient Cybersecurity Procedures

Hunton Privacy

SEPTEMBER 1, 2021

34-92806 ; and In the Matter of KMS Financial Services, Inc. , Release No. found that between January 2018 and July 2021, unauthorized third parties accessed the cloud-based email accounts of over 120 Cambridge representatives, leading to the exposure of personally identifiable information of over 2,100 clients.

Cybersecurity

Cybersecurity Financial Services Cloud Access

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. Like an incident response plan, MFA has become a critical element of cybersecurity programs.

Cybersecurity

Cybersecurity Financial Services Authentication Government

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Data breaches

Threatlist: Financial Services Firms Lag in Patching Habits

Threatpost

AUGUST 7, 2018

Half of breached firms say they were compromised due to a vulnerability for which a patch was available but not applied.

Financial Services

ABBYY Reports 15% Annual Global Revenue Growth in 2018

Info Source

MARCH 6, 2019

March 6, 2019 – ABBYY, a global leader in enterprise content IQ technologies and solutions, today announced it achieved 15% revenue growth in 2018, building upon the momentum from an exceptional 2017. ABBYY relies heavily on partners for its success, and 2018 was no exception. MILPITAS, Calif., billion today.

Unstructured data

Unstructured data Digital transformation Marketing Financial Services

Q&A: Here’s how Google’s labeling HTTP websites “Not Secure” will strengthen the Internet

The Last Watchdog

AUGUST 15, 2018

It’s true that most financial services and big-name shopping websites have long ago moved to HTTPS. W3Techs’ June 2018 survey shows that 35 percent of the top 10 million websites have adopted it.

Security

Security Encryption Authentication Financial Services

Archives Records 2018 RMS Annual Meeting

The Schedule

AUGUST 22, 2018

Outgoing RMS chair Eira Tansey addresses the joint meeting of the Acquisition & Appraisal and Records Management Sections at SAA’s 2018 annual meeting. ” The first speaker was Lauren Gaines from Thrivent Financial, which is a fraternal benefit society and Fortune 500 financial services organization.

Archiving

Archiving FOIA Records Management Compliance

Alleged SIM Swapper Arrested in California

Krebs on Security

AUGUST 22, 2018

The arrest is the third known law enforcement action this month targeting “SIM swappers,” individuals who specialize in stealing wireless phone numbers and hijacking online financial and social media accounts tied to those numbers. Xzavyer Clemente Narvaez was arrested Aug. miles away from 360 Yosemite Drive in Tracy, CA.

Blockchain

Blockchain Retail Financial Services Access

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

September 2018 Security Notes address a total of 14 flaws in SAP products

Webinars

Trending Sources

NY Charges First American Financial for Massive Data Leak

Webinars

American Insurance firm State Farm victim of credential stuffing attacks

Corporate Finance firms leak 500K+ legal and financial documents online

Oracle critical patch advisory addresses 284 flaws, 33 critical

OpenText STP Financial Hub revolutionizes workflows in the Financial Services sector

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Mysterious custom malware used to steal 1.2TB of data from million PCs

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Financial Services Data – More at risk than you’d believe

SEC announces sanctions against entities over email account hacking

Digital transformation in Financial Services requires a rethink of identity management

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites

Emissary Panda updated its weapons for attacks in the past 2 years

Tianfu Cup PWN hacking contest – White hat hackers earn $1 Million for Zero-Day exploits

New York State Department of Financial Services Challenges OCC Authority on Fintech Charters

Missing the GDPR deadline of May 2018: And then what?

Akamai Report: Credential stuffing attacks are a growing threat

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

First American Financial Pays Farcical $500K Fine

Air Canada data breach – 20,000 users of its mobile app affected

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Credit Union Sues Fintech Giant Fiserv Over Security Claims

Customer experience in Financial Services

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Sophisticated cyber attacks are biggest technology concern in 2018

4 Industries That Have to Fight the Hardest Against Cyberattacks

Global: Data Privacy Snapshot 2018

SHARED INTEL: How attacks on web, mobile apps are being fueled by rising API vulnerabilities

Privacy and Cybersecurity Top 10 for 2018

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

SEC Charges Investment Advisers and Broker-Dealers with Deficient Cybersecurity Procedures

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Threatlist: Financial Services Firms Lag in Patching Habits

ABBYY Reports 15% Annual Global Revenue Growth in 2018

Q&A: Here’s how Google’s labeling HTTP websites “Not Secure” will strengthen the Internet

Archives Records 2018 RMS Annual Meeting

Top 7 Data Governance Blog Posts of 2018

Alleged SIM Swapper Arrested in California

Stay Connected