Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy.

Banking 121

Banking Malware Accountability Authentication 121

Krebs on Security

NOVEMBER 10, 2021

Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

Banking 363

Banking Phishing Scams Accountability 363

Security Affairs

FEBRUARY 4, 2025

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Then the malware starts monitoring the active window.

Banking 118

Banking Malware Antivirus Cyber threats 118

Krebs on Security

OCTOBER 7, 2022

consumers have their online bank accounts hijacked and plundered by hackers, U.S. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule. Bank , and Wells Fargo. ” Sen.

Banking 288

Banking Accountability Scams Passwords 288

Krebs on Security

AUGUST 7, 2024

That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. On June 26, Turner filed a pro se lawsuit against PNC Bank , alleging “unlawful discriminatory and tortuous action” after he was denied a wire transfer in the amount of $75,000.

Banking 288

Banking Cybercrime Accountability Retail 288

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. Multi-factor authentication is still highly recommended, but users should be aware that criminals can directly ask for verification codes while pretending to be the real bank.

Engineering 125

Engineering Phishing Banking Authentication 125

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking 98

Banking Government Accountability Hacking 98

Malwarebytes

MARCH 19, 2025

California Cryobank (CCB) is a sperm donation and cryopreservation firm and one of the US top sperm banks. The information potentially involved varies by customer but includes names and one or more of the following: Drivers license numbers Bank account and routing numbers.

Banking 92

Banking Data breaches Computers and Electronics Passwords 92

Security Boulevard

OCTOBER 31, 2024

The post Shedding AI Light on Bank Wire Transfer Fraud appeared first on Security Boulevard. Wire transfer fraud occurs when scammers convince a company to send money to a fraudulent account. While weeding out suspicious requests like this may seem rudimentary, it’s not.

Banking 110

Banking Accountability Social Engineering Engineering 110

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., providing frozen donor sperm and reproductive services, including egg and embryo storage.

Data breaches 108

Data breaches Banking Insurance Hacking 108

Krebs on Security

AUGUST 4, 2022

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. So they sent her some information about where to wire the money, and asked her to go to the bank.

Banking 310

Banking Scams Accountability Passwords 310

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches 292

Data breaches Banking Cybercrime Advertising 292

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns.

Banking 88

Banking Phishing Malware Passwords 88

Security Affairs

MARCH 29, 2025

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. ” ThreatFabric concludes.

Banking 68

Banking Mobile Identity Theft Malware 68

Tech Republic Security

SEPTEMBER 6, 2024

Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.

Banking 180

Banking Risk Insurance Financial Services 180

Lohrman on Security

DECEMBER 12, 2021

financial institutions are leaders in global cyber defense. Recently approved rules will mandate the reporting of security incidents next year. We explore the topic with cybersecurity expert Michael McLaughlin.

Banking 347

Banking Cybersecurity 347

Schneier on Security

FEBRUARY 13, 2025

This approach, known as “separation of duties,” isn’t just bureaucratic red tape; it’s a fundamental security principle as old as banking itself. When your local bank processes a large transfer, it requires two different employees to verify the transaction.

Government 363

Government Artificial Intelligence Banking Software 363

Schneier on Security

SEPTEMBER 20, 2022

And bank cards can be stopped. Once they have the phone and the card, they register the card on the relevant bank’s app on their own phone or computer. That verification passcode is sent by the bank to the stolen phone. Once accepted, they have control of the bank account.

Banking 346

Banking Accountability Passwords Authentication 346

Krebs on Security

OCTOBER 30, 2024

Having a freeze in place does nothing to prevent you from using existing lines of credit you may already have, such as credit cards, mortgage and bank accounts.

Healthcare 295

Healthcare Insurance Computers and Electronics Data breaches 295

Hacker's King

DECEMBER 17, 2024

The cybersecurity world has been abuzz with news of a new Linux variant of FASTCash, a sophisticated malware targeting the banking sector. FASTCash has gained notoriety for its ability to bypass banking security protocols, enabling cybercriminals to withdraw massive amounts of cash from ATMs.

Banking 52

Banking Social Engineering Malware Cyber threats 52

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. “Members don’t have to request to use Zelle.

Scams 362

Scams Banking Passwords Authentication 362

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. Bank customers. Bank customers.

Malware 329

Malware Banking Phishing DDOS 329

Centraleyes

MARCH 27, 2025

central banking system. The Office of the Comptroller of the Currency (OCC) – Regulates and supervises national banks and federal savings associations. FFIEC 031 applies to banks with both domestic and foreign offices, while FFIEC 041 applies to banks with domestic branches only.

Banking 52

Banking Insurance Consumer Protection Risk 52

Security Boulevard

MARCH 27, 2025

This comprehensive guide will explore the councils origins, structure, responsibilities, [] The post The FFIECs Origins and Purpose for Banking Industry appeared first on Centraleyes. The post The FFIECs Origins and Purpose for Banking Industry appeared first on Security Boulevard.

Banking 52

Banking 52

Adam Shostack

JANUARY 2, 2025

Recently, I was opening a new bank account. The bank unexpectedly sent me a temporary password to sign up, and when I did, the temporary password had expired. But then, after I went to reset the password, the bank emailed me a one time code. Only enter it on the bank mobile app or website. Good for them! Less frustration.

Banking 130

Banking Passwords Password Management Authentication 130

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website.

Banking 341

Banking Government Information Security Authentication 341

The Hacker News

MARCH 29, 2025

Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that's primarily designed to target users in Spain and Turkey.

Banking 121

Banking Malware Cybersecurity 121

Security Boulevard

FEBRUARY 14, 2025

Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. In addition to adopting post-quantum cryptography , banks and other financial institutions should take this opportunity to boost their cryptography management practices, according to Europol.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Schneier on Security

MARCH 1, 2023

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.

Authentication 291

Authentication Banking Artificial Intelligence 291

Schneier on Security

JULY 26, 2021

Without this payment channel, they write, the major ransomware epidemic is likely to vanish, since the only payment alternatives are suitcases full of cash or the banking system, both of which have severe limitations for criminal enterprises. Or gives out their banking details. This is where it gets interesting.

Ransomware 364

Ransomware Cryptocurrency Banking Accountability 364

Troy Hunt

APRIL 28, 2024

Remember the old "bank grade security" adage? This week, Commbank is telling people to use a password manager but just not for their bank password, and ANZ bank is forcing people to rotate their passwords once a year because, uh, hackers?

Banking 266

Banking Passwords Password Management Data breaches 266

Schneier on Security

JANUARY 9, 2024

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password (..)

Malware 324

Malware Banking Passwords Authentication 324

Krebs on Security

FEBRUARY 28, 2025

Madory said Kaspersky’s network appears to be hosting several financial institutions , including Russia’s largest — Alfa-Bank. Doug Madory , director of Internet analysis at Kentik , said routing records show the relationship between Prospero and Kaspersky started at the beginning of December 2024.

Malware 240

Malware Antivirus Software DDOS 240