Financial Services, Government and Information Security

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

MAY 30, 2019

Chinese Cyber-Spies Target Government Organizations in Middle East. Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. defense contractors , financial services firms, and a national data center in Central Asia. Pierluigi Paganini.

Government

Government Financial Services Security Cybersecurity

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Security Affairs

NOVEMBER 20, 2021

banking regulators this week approved a rule that obliges banks to report any major cybersecurity incidents to the government within 36 hours of discovery. Major cybersecurity incidents are attacks that impact operations of the victims or the stability of the US financial sector. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Financial Services Insurance Ransomware

Papua New Guinea ‘s finance ministry was hit by a ransomware

Security Affairs

OCTOBER 29, 2021

A ransomware attack hit Papua New Guinea ‘s finance ministry and disrupted government payments and operations. Government officials confirmed that Papua New Guinea’s finance ministry was hit by a ransomware attack that disrupted government payments and operations.

Ransomware

Ransomware Financial Services Government Data breaches

Webinars

How to Achieve High-Accuracy Results When Using LLMs

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

According to the report released by Resecurity, a Los Angeles-based company protecting Fortune 500 and governments worldwide, the attack against ICBC may be a precursor for significant malicious cyber activity against global financial system. LockBit specifically targeted ICBC Financial Services (ICBC FS), a wholly owned U.S.

Ransomware

Ransomware Financial Services Marketing Government

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement. correspondent or payable-through account sanctions.”

Government

Government Military Financial Services Security

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . Researchers found active instances of Agent Tesla and developed a mechanism to enumerate the affected clients and extract compromised data.

Financial Services

Financial Services Retail Education Information Security

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Security Affairs

SEPTEMBER 6, 2024

The government expert pointed out that Unit 29155 operates independently from other GRU-affiliated groups like Unit 26165 and Unit 74455. The threat actors targeted critical infrastructure sectors such as government, finance, transportation, energy, and healthcare. Since 2022, the unit focused on disrupting aid efforts for Ukraine.

Financial Services

Financial Services Government IoT Communications

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Manufacturing Government

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. In late July 2020, Crowdstrike spotted a threat actor associated with PIONEER KITTEN that was attempting to sell access to compromised networks on an underground forum.

Access

Access Financial Services Retail Insurance

France and Germany will block Facebook’s Libra cryptocurrency

Security Affairs

SEPTEMBER 16, 2019

France and Germany governments announced that they will block Facebook’s Libra cryptocurrency , the news was reported by French finance ministry Bruno Le Maire. “We reads a joint statement issued by the two governments, “I want to be absolutely clear: in these conditions, we cannot authorise the development of Libra on European soil.”

Financial Services

Financial Services Government IT Security

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Cybersecurity Agriculture Education

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. The Amendment also includes new governance requirements and responsibilities applicable to the CISO of all covered entities.

Financial Services

Financial Services Cybersecurity Compliance Government

US SEC warns investors of ongoing fraudulent communications claiming from the SEC

Security Affairs

NOVEMBER 21, 2021

The Securities and Exchange Commission (SEC) warns investors of attacks impersonating its officials in government impersonator schemes. The Securities and Exchange Commission (SEC) is warning investors of scammers impersonating SEC officials in fraudulent schemes. “Beware of government impersonator schemes.

Communications

Communications Financial Services Government Education

Microsoft: Russia-linked SolarWinds hackers breached three new entities

Security Affairs

JUNE 26, 2021

Most of the targeted organizations are IT companies (57%), followed by government organizations (20%). The hackers also targeted non-governmental organizations and think tanks, as well as financial services. Compromised and targeted entities are being contacted through the Microsoft nation-state notification process.

Financial Services

Financial Services Access Passwords Authentication

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. Nissan is working with its global incident response team and relevant stakeholders to investigate the extent of the incident and whether any personal information has been accessed.”

Data breaches

Data breaches Financial Services Ransomware Government

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware Passwords Encryption Financial Services

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. The price depends on the targeted industry, with the local government and financial sectors are the most requested ones. ” continues the report.

Marketing

Marketing Passwords Financial Services Access

DIVD discloses three new unpatched Kaseya Unitrends zero-days

Security Affairs

JULY 27, 2021

DIVD Chairman Victor Gevers told BleepingComputer that the advisory was originally shared with 68 government CERTs under a coordinated disclosure, but became public after one of them shared it with an organization’s service desk operating in the Financial Services.

Financial Services

Financial Services Authentication Cloud Government

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC said that under First American’s remediation policies, if the person responsible for fixing the problem is unable to do so based on the timeframes listed above, that employee must have their management contact the company’s information security department to discuss their remediation plan and proposed time estimate.

Insurance

Insurance Risk Financial Services Mining

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals.

Healthcare

Healthcare Financial Services Security Communications

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Governance and attestation quickly became a very big deal. Compliance became a huge driver for governance and attestation,” Curcio said. “It

Access

Access Government Authentication Data breaches

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names

File names Financial Services Manufacturing Libraries

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Security Affairs

DECEMBER 2, 2022

Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. entities Financial Services, Government Facilities, Healthcare and Public Health, Critical Manufacturing, and Information Technology.

Ransomware

Ransomware Financial Services Manufacturing Phishing

Summary – “Industry in One: Financial Services”

ARMA International

NOVEMBER 7, 2019

The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny.

Financial Services

Financial Services Communications Compliance Risk

Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape

Thales Cloud Protection & Licensing

JANUARY 16, 2025

However, as important as PCI may be, United States financial services organizations operate in one of the worlds most stringent and complex compliance landscapes. Understanding the US FinServ Compliance Landscape The US financial services industry is subject to a vast number of laws and regulations.

Compliance

Compliance Financial Services Encryption Insurance

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Security Affairs

SEPTEMBER 9, 2023

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Phishing Encryption Privacy

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

The research firm revealed that many of the government IDs exposed in the data breach have since expired. “Consider contacting CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration. . “Consider contacting CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration.

Ransomware

Ransomware Data breaches Encryption Financial Services

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Passwords Financial Services Manufacturing

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. ” reads the press release published by the U.S.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Affairs

SEPTEMBER 10, 2018

Security experts from Kaspersky have observed the LuckyMouse APT group (aka Emissary Panda , APT27 and Threat Group 3390) using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. defense contractors and financial services firms worldwide. We informed the company about the issue via CN-CERT.”

Communications

Communications Financial Services Government Phishing

OCR Labs exposes its systems, jeopardizing major banking clients

Security Affairs

APRIL 6, 2023

A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. Its services are used by companies and financial institutions including BMW, Vodafone, the Australian government, Westpac, ANZ, HSBC, and Virgin Money.

IT

IT Financial Services Access Risk

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

Security Affairs

NOVEMBER 17, 2019

Chinese white hat hackers have a long story of success, they won several international hacking contests in the past, but in 2018 the Chinese government prohibited Chinese experts in participating this kind of competition abroad. Since the decision of the Chinese Government, the TianfuCup was set up for the first time in the fall of 2018.

Financial Services

Financial Services Government Security Cybersecurity

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

JANUARY 5, 2020

Synoptek has more than 1,100 customers across multiple industries, including local governments, financial services, healthcare, manufacturing, media, retail and software. . ” T he IT service provider confirmed the attack but did not comment on whether it paid the ransom asked by the crooks.

IT

IT Ransomware Financial Services Retail

Kaseya fixed two of the three Kaseya Unitrends zero-days found in July

Security Affairs

AUGUST 26, 2021

DIVD Chairman Victor Gevers told BleepingComputer that the advisory was originally shared with 68 government CERTs under a coordinated disclosure, but became public after one of them shared it with an organization’s service desk operating in the Financial Services.

Authentication

Authentication Financial Services Cloud Security

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The attackers are attempting to exploit the need to install additional security software when South Korean users visit government or financial services websites. . The WIZVERA VeraPort integration installation program is used to manage additional security software (e.g.,

Financial Services

Financial Services Security Government Phishing

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

The operation targeted many organizations in critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. law enforcement).

Ransomware

Ransomware Agriculture Education Government

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Data sovereignty also encompasses the rights and regulations governing data storage, processing, and transfer and often intersects with privacy, security, and legal considerations. When data is sovereign, an organization retains control and ownership over that data.

Compliance

Compliance Cybersecurity Risk Encryption

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. The Framework. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Targeted Sector Vulnerabilities: Financial Services, IT, Healthcare, Education, and Government sectors have emerged as primary targets, with attackers fine-tuning their strategies to exploit specific vulnerabilities within these industries.

Security

Security Phishing Communications Financial Services

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Emissary Panda APT group hit Government Organizations in the Middle East

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Webinars

Trending Sources

Papua New Guinea ‘s finance ministry was hit by a ransomware

Webinars

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Law enforcement operation seized Ragnar Locker group’s infrastructure

Iran-linked APT group Pioneer Kitten sells access to hacked networks

France and Germany will block Facebook’s Libra cryptocurrency

Cybersecurity agencies published a joint LockBit ransomware advisory

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

US SEC warns investors of ongoing fraudulent communications claiming from the SEC

Microsoft: Russia-linked SolarWinds hackers breached three new entities

Operation Cronos: law enforcement disrupted the LockBit operation

Nissan Oceania data breach impacted roughly 100,000 people

Avoslocker ransomware gang targets US critical infrastructure

15 billion credentials available in the cybercrime marketplaces

DIVD discloses three new unpatched Kaseya Unitrends zero-days

First American Financial Pays Farcical $500K Fine

Hundreds of malicious Chrome browser extensions used to spy on you!

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

China-linked Budworm APT returns to target a US entity

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Summary – “Industry in One: Financial Services”

Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Maze ransomware gang discloses data from drug testing firm HMR

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

OCR Labs exposes its systems, jeopardizing major banking clients

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

California IT service provider Synoptek pays ransom after Sodinokibi attack

Kaseya fixed two of the three Kaseya Unitrends zero-days found in July

Lazarus malware delivered to South Korean users via supply chain attacks

A Russian national charged for committing LockBit Ransomware attacks

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Tackling Data Sovereignty with DDR

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Unmasking 2024’s Email Security Landscape

More details about Operation Cronos that disrupted Lockbit operation

Stay Connected