Security Affairs

FEBRUARY 26, 2019

Threat actors in the wild are exploiting the recently patched CVE-2019-6340 flaw in the Drupal CMS to deliver cryptocurrency miners and other payloads. Just three days after the CVE-2019-6340 flaw in Drupal was addressed, threat actors in the wild started exploiting the issue to deliver cryptocurrency miners and other payloads.

Financial Services 105

Financial Services CMS Government Security 105

Krebs on Security

AUGUST 13, 2021

. “To date, this type of analysis has been used primarily by regulated financial service providers.” ET: Corrected the story to note that AMLBot has been around since 2019. ” That may not be entirely true. AMLBot’s user interface. “My guess is they’re just white-labeling that.”

Blockchain 340

Blockchain Analytics Marketing Ransomware 340

Security Affairs

NOVEMBER 17, 2019

The Tianfu Cup 2019 International Cyber ??Security The Tianfu Cup 2019 International Cyber ??Security Other participants were teams from universities, Tencent, financial service provider Ant Financial, and independent researchers. — TianfuCup (@TianfuCup) November 16, 2019. Pierluigi Paganini.

Financial Services 108

Financial Services Government Security Cybersecurity 108

Security Affairs

MAY 15, 2019

SAP released SAP Security Patch Day for May 2019 that includes 8 Security Notes, 5 of which are updates to previously released Notes. ” reads the security advisory for the CVE-2019-0301. .” ” reads the security advisory for the CVE-2019-0301. SecurityAffairs – SAP Security Patch Day for May 2019 ).

Security 101

Security Financial Services Risk IT 101

Dark Reading

NOVEMBER 25, 2019

Every organization should be paying attention to the attacks targeting financial services systems.

Financial Services 58

Financial Services Security 58

Thales Cloud Protection & Licensing

NOVEMBER 4, 2020

Financial Services Organizations Need to Adapt their Security Practices to the Shifting Environment. Even “traditional banks” seek to drive more revenue from digital products, personalized services and experiences. At the same time, financial services organizations need to adapt to a shifting global environment.

Financial Services 62

Financial Services Security Digital transformation Encryption 62

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

ARMA International

NOVEMBER 7, 2019

This article summarizes a report published by AIEF on June 26, 2019. The scope of a records and information management (RIM) program in financial services can seem overwhelming. Financial Services Industry Overview. Drivers for RIM in Financial Services. financial institutions.

Financial Services 52

Financial Services Communications Compliance Risk 52

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Thereafter, in 2019, the department created a Cybersecurity Division to focus specifically on protecting industries and consumers from cyberthreats. regulator concerning the increasingly critical issue of cyberinsurance.

Insurance 79

Insurance Financial Services Cybersecurity Risk 79

Hunton Privacy

DECEMBER 4, 2023

On November 28, 2023, the New York Department of Financial Services (“NYDFS”) announced that First American Title Insurance Company (“First American”), the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.

Financial Services 64

Financial Services Insurance Data breaches Cybersecurity 64

Krebs on Security

MAY 3, 2019

In late April 2019, Fiserv was sued by Bessemer System Federal Credit Union , a comparatively tiny financial institution with just $38 million in assets. In January 2019, Fiserv announced it was acquiring payment processing giant First Data in a $22 billion all-stock deal. And it’s poised to soon get much bigger.

Security 220

Security Passwords Financial Services Sales 220

Krebs on Security

SEPTEMBER 27, 2019

1, 2019 to Aug. For more than a decade, MyPayrollHR worked with California-based Cachet Financial Services to process payroll deposits for MyPayrollHR client employees. .” The government alleges Mann was kiting millions of dollars in checks between his accounts at Bank of American and Pioneer from Aug.

Financial Services 269

Financial Services Insurance Cloud IT 269

Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance.

Insurance 68

Insurance Financial Services Compliance Retail 68

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. Meanwhile, threat actors’ siege on web applications surged 62 percent in 2020 vs. 2019: Akamai observed nearly 6.3 billion web attacks globally; 736 million in the financial services sector.

Financial Services 178

Financial Services Passwords Data breaches Authentication 178

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. billion per month.

Insurance 110

Insurance Data breaches Financial Services Passwords 110

Security Affairs

SEPTEMBER 1, 2020

“The adversary is particularly interested in exploits related to VPNs and network appliances , including CVE-2019-11510, CVE-2019-19781, and most recently CVE-2020-5902; reliance on exploits such as these lends to an opportunistic operational model.” ” reads the report published by Crowdstrike.

Access 130

Access Financial Services Retail Insurance 130

IT Governance

JULY 31, 2019

Unprotected server at Brazilian financial services provider exposes customer data (unknown). National Australia Bank notifying customers after data service companies misuse personal data (13,000). The post List of data breaches and cyber attacks in July 2019 – 2.2

Data breaches 111

Data breaches Ransomware Personal data Government 111

Security Affairs

APRIL 30, 2020

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe.

Financial Services 143

Financial Services Libraries Encryption Authentication 143

The Last Watchdog

AUGUST 30, 2021

In addition, even as recently as 2019, solutions like Microsoft Sentinel are roaring into the space , purpose-built for security use cases. However, there are cases where enterprises, like large players in the financial services vertical, simply need to collect ridiculously vast amounts of data.

Analytics 230

Analytics Security Marketing Compliance 230

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act).

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware 139

Ransomware Financial Services Manufacturing Government 139

Security Affairs

APRIL 3, 2024

Resecurity researchers warn that a new Version of JsOutProx is targeting financial institutions in APAC and MENA via Gitlab abuse. Resecurity has detected a new version of JSOutProx , which is targeting financial services and organizations in the APAC and MENA regions.

Financial Services 130

Financial Services Phishing IT Information Security 130

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities 135

Energy and Utilities Ransomware Agriculture Financial Services 135

Security Affairs

MARCH 17, 2020

Advantage and Argus seem to be the same company working under two different names, they offer funding and startup capital to business owners without access to traditional lending and financial services. The researchers discovered the unsecured database in December 2019.

Financial Services 142

Financial Services Access Privacy Security 142

Security Affairs

JANUARY 18, 2019

Oracle released the first critical patch advisory for 2019 that addresses a total of 284 vulnerabilities, 33 of them are rated “critical”. The bug affected the OCA’s Diameter Signalling Router component and its Communications Services Gatekeeper. ” reads the d escription provided by.

Financial Services 101

Financial Services Libraries Mining Retail 101

Thales Cloud Protection & Licensing

DECEMBER 4, 2019

Data security professionals also make ambitious plans, but implementation rates are too low – a key finding in the 2019 Thales Data Threat Report-Financial Services Edition. Here’s a look at four common issues highlighted in the 2019 Thales Data Threat Report-Financial Services Edition and tips for overcoming them.

Financial Services 17

Financial Services Encryption Cloud Digital transformation 17

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 68

Insurance Paper Risk Analytics 68

The Last Watchdog

MAY 17, 2021

In pulling off that milestone hack, Paige Thompson took advantage of CapOne’s lack of focus on cloud security as the banking giant rushed headlong into leveraging Amazon Web Services. Luckily, Thompson left an easy trail for the FBI to follow and affect her arrest in August 2019. Here are the key takeaways: Cloud migration risks.

Cloud 164

Cloud Security Risk Financial Services 164

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity 111

Cybersecurity Financial Services Compliance Encryption 111

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

HL Chronicle of Data Protection

FEBRUARY 28, 2019

Please join us for our March 2019 events. Mark Brennan will discuss TCPA issues on the panel, “Financial Services and Litigation Trends,” at the American Financial Services Association (AFSA) Law and Compliance Symposium 2019. ” at the IAPP Data Protection Intensive: UK 2019.

Privacy 40

Privacy Cybersecurity Artificial Intelligence GDPR 40

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. According to the consent order, the matter began when NSC reported a cybersecurity event to NYDFS on October 23, 2019. The second incident occurred in March of 2019.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Hunton Privacy

MARCH 11, 2021

On March 3, 2020, the New York Department of Financial Services (“NYDFS”) announced it had entered into a settlement with Residential Mortgage Services, Inc. (“RMS”) RMS”) related to allegations that RMS violated the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.

Data breaches 97

Data breaches Cybersecurity Financial Services Personal data 97

Krebs on Security

OCTOBER 24, 2019

1, 2019 to Aug. But on Oct. 23 — less than 24 hours before another weekly payroll rush — Pasadena, Calif. Shortly after MyPayrollHR closed its doors last month and disappeared with $35 million in payroll and tax payments, the company’s 49-year-old CEO Michael Mann was arrested and charged with bank fraud.

Communications 172

Communications Financial Services Insurance Risk 172

Hunton Privacy

SEPTEMBER 1, 2021

34-92806 ; and In the Matter of KMS Financial Services, Inc. , Release No. According to the SEC order against KMS Financial Services Inc., The cases are In the Matter of Cetera Advisor Networks LLC , Release No. 34-92800 ; In the Matter of Cambridge Investment Research, Inc. , Release No. 34-92807 , August 30, 2021.

Cybersecurity 113

Cybersecurity Financial Services Cloud Access 113

The Last Watchdog

MAY 1, 2019

I had the chance at RSA 2019 to sit down with Lucy CEO Colin Bastable, to discuss the wider context. Customers in financial services, energy, government, healthcare and manufacturing sectors are using its testing and training modules. You can listen to the full interview via the accompanying podcast. office in Austin, TX.

Phishing 166

Phishing Financial Services Manufacturing Education 166