Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 325

Access Financial Services Retail Insurance 325

Security Affairs

JANUARY 13, 2019

” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. In November experts observed several campaigns carried out by the TA505 group, in three of them the threat actors delivered the ServHelper malware.

IT 279

IT Financial Services Ransomware Retail 279

Data Breach Today

OCTOBER 16, 2021

TA505 APT Group delivers phishing email containing malicious links Researchers at Morphisec Labs have published fresh details about a new MirrorBlast campaign that they say is run by a Russia-based threat group TA505, targeting financial services organizations.

Financial Services 345

Financial Services Phishing 345

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

2024 Thales Global Data Threat Report: Trends in Financial Services madhav Tue, 10/15/2024 - 05:17 Financial services (FinServ) firms are key players in the global economy. Nearly two-thirds (64%) of FinServ said it’s more complex to secure data in the cloud than on-prem, compared to 55% of general respondents.

Financial Services 62

Financial Services Cloud Compliance Authentication 62

Data Breach Today

MAY 1, 2020

Top Victims Include Financial Services and Law Firms, Group-IB Warns A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB.

Phishing 334

Phishing Financial Services Security 334

Security Affairs

MAY 30, 2019

Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. The Emissary Panda APT group has been active since 2010, targeted organizations worldwide, including U.S. defense contractors , financial services firms, and a national data center in Central Asia.

Government 248

Government Financial Services Security Cybersecurity 248

Krebs on Security

DECEMBER 10, 2020

In 2019, TSYS was acquired by financial services firm Global Payments Inc. Conti is one of several cybercriminal groups that maintains a blog which publishes data stolen from victims in a bid to force the negotiation of ransom payments. NYSE:GPN ].

Ransomware 360

Ransomware Financial Services Access IT 360

Data Breach Today

JANUARY 10, 2024

Million Customers Notified of Breach; BlackCat Ransomware Group Claimed Credit Financial services giant Fidelity National Financial has confirmed that a November 2023 hack attack compromised personal information pertaining to 1.3 million customers of its LoanCare subsidiary.

Financial Services 308

Financial Services Ransomware IT 308

Krebs on Security

FEBRUARY 9, 2023

Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. Members of the Trickbot Group publicly gloated over the ease of targeting the medical facilities and the speed with which the ransoms were paid to the group.”

Ransomware 238

Ransomware Government Cybersecurity Blockchain 238

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware 265

Ransomware Passwords Financial Services Manufacturing 265

Data Breach Today

NOVEMBER 10, 2023

The LockBit Ransomware Operation May Have Exploited Citrix Bleed A ransomware attack affecting the New York financial services subsidiary of the Industrial and Commercial Bank of China resulted in disruptions to the U.S. Close observers of the criminal underground say ransomware-as-a-service group LockBit is responsible.

Ransomware 293

Ransomware Financial Services Marketing 293

Security Affairs

DECEMBER 15, 2023

Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms.

Ransomware 347

Ransomware Financial Services Cybersecurity Passwords 347

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. The Ragnar Locker group focuses on extortion, in some cases it did not deploy ransomware, instead it only stole the victim’s data threatening to leak it.

Ransomware 347

Ransomware Financial Services Manufacturing Government 347

Security Affairs

OCTOBER 13, 2022

The Budworm espionage group resurfaced targeting a U.S.-based This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based The group also targeted a hospital in South East Asia. The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S.

File names 363

File names Financial Services Manufacturing Libraries 363

Security Affairs

JUNE 5, 2021

Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. Nucleus Software declared that it does not store customers’ financial data. ” reads the post published by Cyble.

Ransomware 363

Ransomware Encryption File names Financial Services 363

Security Affairs

SEPTEMBER 5, 2021

. “Pacific City Bank provides outstanding banking and financial services for businesses and consumers. ” Below one of the images shared by the group: The ransomware gang published a ZIP archive named proof that contains a series of documents allegedly stolen from the bank.

Ransomware 343

Ransomware Financial Services Archiving Security 343

Security Affairs

AUGUST 20, 2024

In December 2023, Toyota Financial Services (TFS) warned customers it had suffered a data breach that exposed sensitive personal and financial data. Toyota Financial Services (TFS) is the finance arm of the Toyota Motor Corporation. The Medusa group has now published the stolen data on its Tor leak site.

Data breaches 296

Data breaches Financial Services Archiving Passwords 296

Security Affairs

DECEMBER 22, 2023

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. ” reads the message published by the group on its data leak site. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware 355

Ransomware Data breaches Financial Services Archiving 355

Security Affairs

JULY 25, 2024

Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray expressed growing concerns over the potential for a coordinated foreign terrorist attack in the United States.

Risk 352

Risk e-Delivery Communications Financial Services 352

Security Affairs

DECEMBER 4, 2023

on November 8 has laid bare the vulnerability of the global financial system to cyberattacks. LockBit ransomware group claimed responsibility for the attack against ICBC, the largest lender in the world by assets, with $5.7 LockBit specifically targeted ICBC Financial Services (ICBC FS), a wholly owned U.S.

Ransomware 347

Ransomware Financial Services Marketing Government 347

Security Affairs

SEPTEMBER 4, 2023

It is not clear who is behind the DDoS attack, but the media speculate that it was launched by pro-Russian hacktivists in response to the German financial and military support to Ukraine. The BaFin website was included in January in a list of targets published by the pro-Russia group Killnet on its Telegram channel.

Financial Services 357

Financial Services Military Insurance Marketing 357

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance 276

Insurance Data breaches Financial Services Passwords 276

Security Affairs

SEPTEMBER 6, 2024

Starting January 13, 2022, the group employed the WhisperGate wiper in attacks against Ukrainian organizations. The government expert pointed out that Unit 29155 operates independently from other GRU-affiliated groups like Unit 26165 and Unit 74455.

Financial Services 347

Financial Services Government IoT Communications 347

Security Affairs

NOVEMBER 10, 2023

Treasury market and impacted some fixed income and equities transactions “The Securities Industry and Financial Markets Association first told members on Wednesday that ICBC Financial Services had been hit by ransomware software, which paralyses computer systems unless a payment is made, several people familiar with the discussions said.”

Ransomware 324

Ransomware Financial Services Marketing Authentication 324

Security Affairs

JANUARY 4, 2021

Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups.

Ransomware 338

Ransomware Encryption Financial Services Security 338

Security Affairs

FEBRUARY 19, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities 338

Energy and Utilities Ransomware Agriculture Financial Services 338

Security Affairs

JUNE 6, 2024

.” The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group. The authorities also seized the dark web Tor leak site used by the group. It was the first time that the admin of the notorious group was identified by law enforcement.

Energy and Utilities 343

Energy and Utilities Ransomware Agriculture Encryption 343

Security Affairs

MAY 28, 2020

Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. The Google Threat Analysis Group (TAG) is a group inside the Google’s security team that tracks operations conducted by nation-state actors and cybercrime groups.

Financial Services 279

Financial Services Government Phishing Marketing 279

Security Affairs

MAY 2, 2020

” A few days ago, researchers from Group-IB reported a campaign dubbed “ PerSwaysion ,” in which attackers exploit Microsoft’s Sway file-sharing to gain access to many confidential corporate MS Office365 emails of mainly financial service companies, law firms, and real estate groups. Recently the U.S.

Phishing 363

Phishing Financial Services Cybersecurity Access 363

Security Affairs

JANUARY 26, 2022

The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bun­des­amt für Ver­fas­sungs­schutz (BfV) federal domestic intelligence agency warns of ongoing attacks coordinated by the China-linked APT27 group. ” continues the advisory.

Financial Services 256

Financial Services Access IT Security 256

Security Affairs

DECEMBER 26, 2023

Key trends: 1️ Increased Ransomware Activity Targeting Public Companies Ransomware groups are poised to intensify their focus on publicly-traded organizations. Recent U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, 2024 Cyber Threat Landscape Forecast)

Energy and Utilities 346

Energy and Utilities Artificial Intelligence Ransomware Data breaches 346

Collibra

MARCH 26, 2025

This is why we offer certified Data Citizen User Groups in the Collibra Community to keep the conversation and inspiration going among all of you our customers. What are Data Citizens User Groups? Our Data Citizen User Groups are interactive, real-time opportunities for our customers to connect.

Financial Services 52

Financial Services Insurance Education Government 52

Security Affairs

MAY 24, 2023

Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. The activity of the APT group was first detailed by Symantec in 2019, the experts analyzed a series of attacks against IT providers in Saudi Arabia and US entities.

Financial Services 246

Financial Services Security Cybersecurity IT 246

IBM Big Data Hub

FEBRUARY 26, 2024

The financial services industry has been in the process of modernizing its data governance for more than a decade. How can banks, credit unions, and financial advisors keep up with demanding regulations while battling restricted budgets and higher employee turnover? Don’t wait.

Financial Services 90

Financial Services Cloud Metadata Digital transformation 90

Security Affairs

MARCH 14, 2024

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. The company did not share details about the attack or its scope, but a few weeks later the Akira ransomware group claimed to have stolen 100 GB of information from the company.

Data breaches 326

Data breaches Financial Services Ransomware Government 326

Security Affairs

OCTOBER 31, 2024

Interbank , formally the Banco Internacional del Perú Service Holding S.A.A. is a leading Peruvian provider of financial services has over 2 million customers. Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online.

Data breaches 246

Data breaches Financial Services Passwords Access 246

Security Affairs

NOVEMBER 8, 2021

In the middle of September, the FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warned that nation-state APT groups were actively exploiting the CVE-2021-40539 flaw. The APT group has been active since 2010, targeted organizations worldwide, including U.S. “As early as Sept.

Communications 304

Communications Blockchain Passwords Financial Services 304