Analysis and Financial Services - Information Management Today

'Hack-for-Hire' Groups Spoof WHO Emails to Steal Data

Data Breach Today

MAY 28, 2020

Google: Hackers Using COVID-19 Phishing Themes to Target Businesses "Hack-for-hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group.

Financial Services

Financial Services Phishing

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

KnowBe4

FEBRUARY 2, 2024

Analysis of 2023 attacks shows how the financial services industry had a very bad year, with increases in both vendor email compromise (VEC) and business email compromise (BEC) attacks, targeting millions of dollars using very specific methods.

Financial Services

Financial Services Security awareness Security

Why Marketing Compliance for Financial Services Is A Big Deal

Hanzo Learning Center

SEPTEMBER 5, 2023

In today's fiercely competitive business landscape, financial services companies, like their counterparts in other industries, rely on advertising and digital marketing strategies to create brand recognition, promote their products and services to potential customers, and engage with their existing client base.

Financial Services

Financial Services Marketing Compliance

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

DECEMBER 10, 2020

TSYS provides payment processing services, merchant services and other payment solutions, including prepaid debit cards and payroll cards. In 2019, TSYS was acquired by financial services firm Global Payments Inc. NYSE:GPN ].

Ransomware

Ransomware Financial Services Access IT

Analysis: Fallout From the Snowden Memoir

Data Breach Today

SEPTEMBER 20, 2019

Also featured: An update on Lumen PDF's breach disclosure; insights on financial services identity management issues. The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden's memoir.

Financial Services

Financial Services Security

6 benefits of data lineage for financial services

IBM Big Data Hub

FEBRUARY 26, 2024

The financial services industry has been in the process of modernizing its data governance for more than a decade. How can banks, credit unions, and financial advisors keep up with demanding regulations while battling restricted budgets and higher employee turnover? One often-overlooked area of impact analysis is IT resilience.

Financial Services

Financial Services Cloud Metadata Digital transformation

Mitigating the impact of climate change in insurance and other financial services

IBM Big Data Hub

MARCH 25, 2024

For other financial services firms outside of the insurance sector, property accepted as loan security might face climate-related risks as well. Across the financial sector, there are transition risks to consider as we move to a low-carbon economy. Financial services firms can use the tool for “what if?”

Financial Services

Financial Services Insurance Risk Agriculture

Financial Services Industry Experiences a Massive Increase in Brand Abuse

KnowBe4

OCTOBER 4, 2024

Industry analysis of the domains used behind phishing and brand impersonation attacks show financial institutions are being leveraged at an alarming rate.

Financial Services

Financial Services Phishing

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

According to a filing (PDF) by the New York State Department of Financial Services (DFS), the weakness that exposed the documents was first introduced during an application software update in May 2014 and went undetected for years. The documents were available without authentication to anyone with a Web browser.

Insurance

Insurance Financial Services Mining Access

Twitter Hack Analysis Drives Calls for Greater Security Regulation

Dark Reading

OCTOBER 15, 2020

New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach.

Financial Services

Financial Services Security Cybersecurity

Half of all Financial Services Cyber Attacks Start with a Very Costly Phish

KnowBe4

SEPTEMBER 23, 2024

New analysis of attacks on the financial sector shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat.

Financial Services

Financial Services Phishing Security

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. These revisions represent the most significant modifications since the enactment of the rules in March 2017.

Financial Services

Financial Services Cybersecurity Compliance Government

DEEP TECH NEWS: Respecting individual rights by using ‘privacy preserving aggregate statistics’

The Last Watchdog

JANUARY 28, 2024

Scientists at NTT Research are working on an advanced type of cryptography that enables businesses to perform aggregate data analysis on user data — without infringing upon individual privacy rights. Both regulations have profound implications for companies seeking to collect and apply aggregate statistical analysis to consumer data.

Privacy

Privacy Data Privacy GDPR Personal data

New Anti Anti-Money Laundering Services for Crooks

Krebs on Security

AUGUST 13, 2021

“To date, this type of analysis has been used primarily by regulated financial service providers.” . “It is also significant because it makes blockchain analytics available to the public for the first time,” Robinson wrote. ” That may not be entirely true.

Blockchain

Blockchain Analytics Marketing Ransomware

2024 Thales Global Data Threat Report: Trends in Financial Services

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

2024 Thales Global Data Threat Report: Trends in Financial Services madhav Tue, 10/15/2024 - 05:17 Financial services (FinServ) firms are key players in the global economy. As a result, FinServ organizations have some of the largest cybersecurity budgets and most advanced defenses.

Financial Services

Financial Services Cloud Compliance Authentication

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

IBM Big Data Hub

APRIL 4, 2024

IBM has created the solution for this problem with its Financial Services Cloud offering, and its ISV Financial Services validation program, which is designed to de-risk the partner ecosystem for clients. IBM Cloud Framework for Financial services is uniquely positioned for that, meeting all these requirements.

Financial Services

Financial Services Cloud Compliance Digital transformation

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

. “Over the past few months, we’ve seen actors provide access to services that call victims, appear as a legitimate call from a specific bank and deceive victims into typing an OTP or other verification code into a mobile phone in order to capture and deliver the codes to the operator.

Passwords

Passwords Authentication Phishing Access

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe.

Financial Services

Financial Services Libraries Encryption Authentication

SharkBot, a new Android Trojan targets banks in Europe

Security Affairs

NOVEMBER 15, 2021

The malware implements multiple anti-analysis techniques, including string obfuscation routine, emulator detection and a domain generation algorithm (DGA). ” reads the analysis published by the researchers. ” SharkBot abuses Accessibility Service to carry out ATS attacks inside the infected device. .

Financial Services

Financial Services Access Security IT

Infosource Global IDP Vertical Market Analysis 2023-2024 Update

Info Source

DECEMBER 18, 2024

KEY TAKEAWAYS Market Scope and Methodology : This assessment of vertical opportunities for IDP solutions is a key pillar of Infosources analyst services. The quantitative analysis of IDP investments by industry sector is based on vendor inputs and forecasts future demand based on industry dynamics in key countries.

Marketing

Marketing Digital transformation Insurance Manufacturing

GUEST ESSAY: Few consumers read privacy policies — tools can now do this for them

The Last Watchdog

MARCH 14, 2022

Financial services, health, home security, governance and all other mission critical services are now provided online. But these accounts are not all about networking and games. Related: What happened to privacy in 2021. COVID crisis has forced us to work remotely. Our children now take classes online.

Privacy

Privacy Artificial Intelligence Financial Services Archiving

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Security Affairs

DECEMBER 26, 2018

Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. ” reads the analysis published by security researchers at Menlo. The spam campaign uses messages including links that point to archive files such as.zip or.gz.

Cloud

Cloud Financial Services Archiving Phishing

BlackCocaine Ransomware, a new malware in the threat landscape

Security Affairs

JUNE 5, 2021

Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. Nucleus Software declared that it does not store customers’ financial data. ” reads the post published by Cyble.

Ransomware

Ransomware Encryption File names Financial Services

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Security Affairs

DECEMBER 15, 2023

Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms. This is why it is critical to share such intelligence for further analysis with the broader cybersecurity community.

Ransomware

Ransomware Financial Services Cybersecurity Passwords

Corporate Finance firms leak 500K+ legal and financial documents online

Security Affairs

MARCH 17, 2020

Advantage and Argus seem to be the same company working under two different names, they offer funding and startup capital to business owners without access to traditional lending and financial services. The researchers discovered the unsecured database in December 2019.

Financial Services

Financial Services Access Privacy Security

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. billion per month.

Insurance

Insurance Data breaches Financial Services Passwords

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

” reads the analysis published by Lumen Technologies. The experts were able to enumerate the C2s and targets of multiple distinct Chaos clusters, some of which were employed in recent DDoS attacks against the gaming, financial services and technology, and media and entertainment industries. ” continues the report.

Mining

Mining Financial Services IT Security

Best Digital Forensics Tools & Software for 2021

eSecurity Planet

AUGUST 13, 2021

While several open-source tools exist for disk and data capture, network analysis, and specific device forensics, a growing number of vendors are building off what’s publicly available. Critical capabilities include timeline analysis, hash filtering, file and folder flagging, and multimedia extraction. The Sleuth Kit and Autopsy.

e-Discovery

e-Discovery Computer and Electronics Marketing Compliance

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

The Last Watchdog

DECEMBER 6, 2018

Determine the issues to be addressed and what information could be gathered to provide answers. Collection. Gather raw data from various sources. Processing. Synthesize the raw data into a usable state. Apply information and process management to yield insights. Integate and evaluate the data into actionable final intelligence products.

Security

Security Financial Services Manufacturing Data collection

#ModernDataMasters: Martin Squires, The Analysis Foundry

Reltio

JULY 2, 2019

Just like in the TV programmes like CSI where the analysts solve crimes by a combination of analysis and field work, there is no better way of understanding what is going on than going into the real-world for example visiting shops or listening into call-centre conversations. What do you like to do outside of work?

Analytics

Analytics Insurance Artificial Intelligence Data science

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

These projections stem from an in-depth analysis of the underground economy’s evolution on the Dark Web and a thorough examination of significant cybersecurity incidents targeting corporations and governments.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

AUGUST 31, 2021

This trick can be successful against ransomware detection software that relies on inspecting content using statistical analysis to detect encryption.” ransomware: The victims of the Lockfile ransomware gang are in the manufacturing, financial services, engineering, legal, business services, and travel and tourism sectors.

Encryption

Encryption Ransomware Financial Services Manufacturing

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Security Affairs

APRIL 10, 2019

Update to security note release on January 2019 Patch Day: [ CVE-2018-2484 ] Missing Authorization check in SAP Enterprise Financial Services. ” reads the analysis published by security firm Onapsis. CVE-2019-0279 ] Missing Authorization check for ABAP INST function module. [

Security

Security Financial Services Risk Access

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. ” reads the analysis published by Awake Security.

Healthcare

Healthcare Financial Services Communications Security

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

” reads the analysis published by Proofpoint. ” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. ” reads the analysis published by Proofpoint.

IT

IT Financial Services Ransomware Retail

Enterprise Architecture: Secrets to Success

erwin

AUGUST 13, 2020

Taking months to perform impact analysis and solution design is no longer viable, and data has to be agile. And the platform also supports business process modeling and analysis. Today’s enterprises need to be agile to react quickly: Things change fast in our current landscape. As a result it loses its business dimension and support.

Artificial Intelligence

Artificial Intelligence Healthcare Compliance Financial Services

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

JULY 31, 2024

. “These techniques have several advantages: they require less skilled developers, expand the malware’s target base to any bank, and bypass various behavioural detection countermeasures put in place by multiple banks and financial services.”

Authentication

Authentication Financial Services Communications Access

Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild

Security Affairs

FEBRUARY 26, 2019

” reads the technical analysis published by Ambionics security. Hackers targeted dozens of Imperva’s customers, including organizations in the government and financial services sectors. ” reads the analysis published by Imperva. ” reads the post from Imperva.

Financial Services

Financial Services CMS Government Security

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

” reads the analysis published by Palo Alto Networks. The analysis of the global telemetry from Palo Alto Networks revealed that attackers targeted at least 370 Zoho ManageEngine servers in the United States alone. ” continues the analysis.

Communications

Communications Blockchain Passwords Financial Services

Best Fraud Management Systems & Detection Tools in 2022

eSecurity Planet

SEPTEMBER 16, 2022

Also called “fraud prevention tools,” these solutions are designed to enhance and aid in the analysis, detection, and management of fraud and other illicit activities across all aspects of a business. In our analysis and review of the fraud prevention, detection and management market, a number of providers stood out.

Analytics

Analytics Risk Authentication Financial Services

Critical RCE affects older Diebold Nixdorf ATMs

Security Affairs

JUNE 9, 2019

The experts explained that had access to an ATM of Diebold vendor and started analyzing the machine a simple PC running Windows OS and exposing some services implemented by the ATM provider. The focused their analysis on the Spiservice service listening on post 8043. ” reads the post published by the experts.

Libraries

Libraries Communications Financial Services Security

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

defense contractors , financial services firms, and a national data center in Central Asia. “Combining all the links we discovered during our analysis of our incident, it is not out of the question that Winnti is behind the Clambling backdoor, or at least a sub-group operating under the Winnti umbrella.”

Ransomware

Ransomware Encryption Financial Services Cybersecurity

Four Use Cases Proving the Benefits of Metadata-Driven Automation

erwin

FEBRUARY 7, 2019

That’s time needed and better used for data analysis. The banking, financial services and insurance industry typically deals with higher data velocity and tighter regulations than most. Metadata-Driven Automation in the BFSI Industry. Plus many organizations in this sector find that they’ve outgrown their systems.

Metadata

Metadata Healthcare Insurance Financial Services

'Hack-for-Hire' Groups Spoof WHO Emails to Steal Data

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Trending Sources

Why Marketing Compliance for Financial Services Is A Big Deal

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Analysis: Fallout From the Snowden Memoir

6 benefits of data lineage for financial services

Mitigating the impact of climate change in insurance and other financial services

Financial Services Industry Experiences a Massive Increase in Brand Abuse

NY Charges First American Financial for Massive Data Leak

Twitter Hack Analysis Drives Calls for Greater Security Regulation

Half of all Financial Services Cyber Attacks Start with a Very Costly Phish

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

DEEP TECH NEWS: Respecting individual rights by using ‘privacy preserving aggregate statistics’

New Anti Anti-Money Laundering Services for Crooks

2024 Thales Global Data Threat Report: Trends in Financial Services

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

The Rise of One-Time Password Interception Bots

EventBot, a new Android mobile targets financial institutions across Europe

SharkBot, a new Android Trojan targets banks in Europe

Infosource Global IDP Vertical Market Analysis 2023-2024 Update

GUEST ESSAY: Few consumers read privacy policies — tools can now do this for them

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

BlackCocaine Ransomware, a new malware in the threat landscape

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Corporate Finance firms leak 500K+ legal and financial documents online

American Insurance firm State Farm victim of credential stuffing attacks

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Best Digital Forensics Tools & Software for 2021

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

#ModernDataMasters: Martin Squires, The Analysis Foundry

Resecurity Released a 2024 Cyber Threat Landscape Forecast

LockFile Ransomware uses a new intermittent encryption technique

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Hundreds of malicious Chrome browser extensions used to spy on you!

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Enterprise Architecture: Secrets to Success

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Best Fraud Management Systems & Detection Tools in 2022

Critical RCE affects older Diebold Nixdorf ATMs

Experts linked ransomware attacks to China-linked APT27

Four Use Cases Proving the Benefits of Metadata-Driven Automation

Stay Connected