Security Affairs

JANUARY 18, 2019

The bug affected the OCA’s Diameter Signalling Router component and its Communications Services Gatekeeper. The flaw also affected the Financial Services Analytical Applications Infrastructure, the Fusion Middleware MapViewer, and four three Oracle Retail components. ” reads the d escription provided by.

Financial Services 254

Financial Services Libraries Mining Retail 254

Krebs on Security

MAY 3, 2019

A Pennsylvania credit union is suing financial industry technology giant Fiserv , alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. Most alarmingly, this security control was purely illusory.

Security 219

Security Passwords Financial Services Sales 219

Security Affairs

JUNE 11, 2021

million Windows systems between 2018 and 2020. The software includes illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.” million unique email addresses, NordLocker found, for an array of different apps and services. terabyte of stolen data. The database includes 6.6 million computers.

Computer and Electronics 328

Computer and Electronics Archiving Encryption Passwords 328

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. Pierluigi Paganini.

Access 329

Access Financial Services Retail Insurance 329

Security Affairs

JANUARY 13, 2019

Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. “In November 2018, TA505 , a prolific actor that has been at the forefront of this trend, began distributing a new backdoor we named “ServHelper”.

IT 279

IT Financial Services Ransomware Retail 279

Security Affairs

NOVEMBER 17, 2019

Security Competition has started, in two days white hat hackers will attempt to exploit flaws in major software. Security Competition has started, white hat hackers will attempt to devise working zero-day exploits for popular software. According to the organizers , in 2018 hackers earned $1,024,000 for a total of 30 vulnerabilities.

Financial Services 272

Financial Services Government Security Cybersecurity 272

OpenText Information Management

OCTOBER 24, 2018

It’s been a busy 2018 here on our OpenText™ Straight Through Processing (STP) for Securities (STP Financial Hub) platform, with many new clients discovering the benefits of our powerful workflow engine and flexible connectivity methods, along with our constant improvement and enhancement process for our existing clients.

Financial Services 89

Financial Services Security Digital transformation B2B 89

Security Affairs

MAY 24, 2023

Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. The expert spotted the Iranian group in 2018, but they speculate that it has been active for a longer time. We are in the final!

Financial Services 246

Financial Services Security Cybersecurity IT 246

Security Affairs

NOVEMBER 19, 2018

Other participants were teams from universities, Tencent, financial service provider Ant Financial, and independent researchers. Recently participants to another contest, the Zero Day Initiative’s Pwn2Own Tokyo 2018 earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones.

Financial Services 274

Financial Services Cybersecurity Security 274

Thales Cloud Protection & Licensing

DECEMBER 5, 2018

One of the top findings from the 2018 Thales Data Threat Report, Financial Services Edition was that data breaches in U.S. financial services organizations are increasing at an alarming rate. Two other key drivers are digital transformation and poor investments in IT security tools needed to protect data.

Financial Services 75

Financial Services Risk Digital transformation Data breaches 75

Security Affairs

MARCH 1, 2019

defense contractors , financial services firms, and a national data center in Central Asia. “In 2018, CTU researchers identified evidence of BRONZE UNION leveraging tools that have been publicly available for years. However, the variants used in 2018 included updated code.” ” Secureworks concludes.

IT 252

IT File names Financial Services Communications 252

The Last Watchdog

SEPTEMBER 21, 2018

It’s rise in popularity has helped drive a new trend for start-ups to go “Cloud Native,” erecting their entire infrastructure, from the ground up, leveraging cloud services like Amazon Web Services, Microsoft Azure and Google Cloud. Security burden. Rising API exposures are another big security concern, by the way.

Cloud 203

Cloud Security Mining Financial Services 203

Security Affairs

SEPTEMBER 25, 2018

According to Akamai report titled “[state of the internet] / security CREDENTIAL STUFFING ATTACKS “ the credential stuffing attacks are a growing threat and often underestimated. In another attack, a large financial services institution received over 350,000 login attempts in just one afternoon. billion per month.

Passwords 272

Passwords Data breaches Financial Services Retail 272

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. First American Financial Corp.

Insurance 319

Insurance Risk Financial Services Mining 319

Security Affairs

SEPTEMBER 10, 2018

Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. defense contractors and financial services firms worldwide. The APT group has been active since at least 2010, the crew targeted U.S. Pierluigi Paganini.

Communications 239

Communications Financial Services Government Phishing 239

Security Affairs

AUGUST 30, 2018

22-24, 2018, it added that financial data was protected but invited to remain vigilant for fraudulent credit card transactions. 22-24, 2018. As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.” ” reads the data breach notification.

Data breaches 194

Data breaches IT Passwords Financial Services 194

The Last Watchdog

AUGUST 15, 2018

In a move to blanket the Internet with encrypted website traffic, Google is moving forward with its insistence that straggling website publishers adopt HTTPS Secure Sockets Layer (SSL). Related: How PKI can secure IoT. This makes any personal information and details of financial transactions typed on HTTP web pages easy pickings.

Security 203

Security Encryption Authentication Financial Services 203

Security Affairs

DECEMBER 4, 2018

Society’s dependence on internet-based technologies means security professionals must defend against cyberattacks as well as more traditional threats, such as robbers or disgruntled employees. More than 83 percent of organizations responding to a recent survey reported making new or improved organizational security enhancements.

Retail 278

Retail Cybersecurity Data breaches Risk 278

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services 58

Financial Services Cybersecurity Compliance Insurance 58

The Last Watchdog

APRIL 7, 2020

I had the chance to discuss this with Matt Keil, director of product marketing at Cequence Security , a Sunnyvale, Calif.-based based application security vendor that’s in the thick of helping businesses mitigate web application exposures. A security mindset still needs to take hold at many more levels. We spoke at RSA 2020.

Digital transformation 266

Digital transformation Financial Services Marketing Retail 266

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. The post New York Department of Financial Services Issues First Guidance by a U.S. Issuance of the Framework is notable as it represents the first official guidance by a U.S. 1 See W.B.

Insurance 79

Insurance Financial Services Cybersecurity Risk 79

The Last Watchdog

NOVEMBER 13, 2018

And innovation is percolating among newer entrants, like PerimeterX, Shape Security and Signal Sciences. This week a new entrant in this field, Cequence Security , formally launched what it describes as a “game-changing” application security platform. Shifting security challenge.

Security 140

Security Digital transformation B2C Cloud 140

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Hunton Privacy

SEPTEMBER 1, 2021

Securities and Exchange Commission (“SEC”) announced that it had settled three administrative cases involving a total of eight registered broker-dealers and investment advisers for failures in their cybersecurity policies and procedures. 34-92806 ; and In the Matter of KMS Financial Services, Inc. , Release No.

Cybersecurity 113

Cybersecurity Financial Services Cloud Access 113

eSecurity Planet

JANUARY 27, 2022

As threats mount from ransomware gangs , Russian-backed hacker groups , and other nation-sponsored attackers and as the growth in remote work makes security management increasingly complicated, many companies are finding it makes sense to turn to a managed security service provider (MSSP) for help with handling an extremely complex threat landscape.

Security 111

Security Cloud Compliance Analytics 111

The Last Watchdog

MARCH 1, 2019

There’s a frantic scramble going on among those responsible for network security at organizations across all sectors. Enterprises have dumped small fortunes into stocking their SOCs (security operations centers) with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can buy.

Digital transformation 193

Digital transformation Marketing Analytics Risk 193

The Last Watchdog

MAY 1, 2019

This is stunning: phishing attacks soared in 2018, rising 250% between January and December, according to Microsoft’s Security Intelligence Report. And some of the worst culprits are the very technically savvy people – the security guys are often the worst because they’re very resistant to being told what to do.”

Phishing 166

Phishing Financial Services Manufacturing Education 166

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Krebs on Security

AUGUST 22, 2018

The arrest is the third known law enforcement action this month targeting “SIM swappers,” individuals who specialize in stealing wireless phone numbers and hijacking online financial and social media accounts tied to those numbers. Xzavyer Clemente Narvaez was arrested Aug. miles away from 360 Yosemite Drive in Tracy, CA.

Blockchain 148

Blockchain Retail Financial Services Access 148

Data Protection Report

JUNE 2, 2021

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. NYDFS Cybersecurity Regulation.

Cybersecurity 71

Cybersecurity Insurance Financial Services Phishing 71

Data Protection Report

JANUARY 18, 2024

NYDFS conducted its first audit of GGT for the period of May 17, 2018 through March 31 2019. 2024 was not a happy new year for Genesis Global Trading, Inc. (“GGT”).

Cybersecurity 111

Cybersecurity Financial Services Compliance Encryption 111

The Last Watchdog

APRIL 30, 2020

Over a five year period the number technical software vulnerabilities reported to the National Institute of Standards and Technology’s National Vulnerability Database (NVD) more than tripled – from 5,191 in 2013 to a record 16,556 in 2018. Total vulnerabilities reported in the NVD dropped a bit in 2019, down to 12,174 total flaws.

Financial Services 133

Financial Services Security IT Marketing 133

The Last Watchdog

SEPTEMBER 4, 2018

There’s no doubt that monitoring and continually updating all parts of a multi-tiered security system is a must-do best practice. Tweaking one system can open fresh, unforeseen security holes in another. DeSanto: When you think about it, security and performance are usually hooked at the hip. LW: Engagements?

Data breaches 133

Data breaches Honeypots Digital transformation Communications 133

Information Matters

DECEMBER 7, 2018

UK consumers threaten data breach backlash – Computer Weekly, 5 December 2018. “Seven out of 10 UK consumers and two-thirds, on average, around the world would stop doing business with a brand that suffers a breach of users’ financial or personal data. ” [link]. ” [link]. ” [link]. ” [link]. .

IoT 40

IoT Blockchain Personal data Analytics 40

HL Chronicle of Data Protection

OCTOBER 4, 2018

As of Tuesday, September 4, 2018, covered entities are required to be in compliance with additional requirements relating to: Audit Trail (Section 500.06); Application Security (Section 500.08); Limitations on Data Retention (Section 500.13); Monitoring of Authorized Users (Section 500.14(a)); Application Security (Section 500.08).

Cybersecurity 65

Cybersecurity Encryption Financial Services Compliance 65

Hunton Privacy

JULY 24, 2020

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017.

Cybersecurity 85

Cybersecurity Risk Financial Services Insurance 85

Data Matters

JUNE 24, 2021

In the Order, the SEC alleges that First American’s disclosures concerning the vulnerability were deficient because senior executives were not provided all available and relevant information, specifically that First American’s information security personnel had identified and failed to remediate the vulnerability months earlier in January 2019.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68